- Description
- When running in Appliance mode, an authenticated remote command injection vulnerability exists in an undisclosed iControl REST endpoint. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
- Source
- f5sirt@f5.com
- NVD status
- Analyzed
- Products
- big-ip_access_policy_manager, big-ip_advanced_firewall_manager, big-ip_analytics, big-ip_application_acceleration_manager, big-ip_application_security_manager, big-ip_domain_name_system, big-ip_fraud_protection_service, big-ip_global_traffic_manager, big-ip_link_controller, big-ip_local_traffic_manager, big-ip_policy_enforcement_manager
CVSS 4.0
- Type
- Secondary
- Base score
- 8.5
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- HIGH
CVSS 3.1
- Type
- Primary
- Base score
- 9.1
- Impact score
- 6
- Exploitability score
- 2.3
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
- f5sirt@f5.com
- CWE-77
- Hype score
- Not currently trending
[CVE-2025-23239: HIGH] Authenticated remote command injection vulnerability in Appliance mode running software. Exploit allows crossing security boundary. EoTS versions not evaluated.#cybersecurity,#vulnerability https://t.co/BOokdVousE https://t.co/y30BxN82Pm
@CveFindCom
5 Feb 2025
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-23239 When running in Appliance mode, an authenticated remote command injection vulnerability exists in an undisclosed iControl REST endpoint. A successful exploit can allo… https://t.co/WaHSwmni6e
@CVEnew
5 Feb 2025
222 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:17.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B174875C-196E-4498-8B9D-920DCC437A9D"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:17.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "80C0D584-36AD-43FF-BB2B-5D23E58F86A6"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:17.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "04CA832A-0B44-4ED3-982C-64383EAD2CA4"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:17.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8CC6C0B1-3A80-4D8C-8CFC-B921A4572B0B"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:17.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FE41667C-F5FE-48F9-9555-EE191618E890"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:17.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "46A89A92-1E58-49B4-9A09-97D5D1D1BFE3"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:17.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FED059F5-6FCB-40AB-A72B-8042075C2DFD"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:17.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A9FFD39E-D450-4CFE-A349-5D296CB4D937"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:17.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FA40288B-D088-4C4B-A848-C289FAC20764"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:17.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "92FF1ECD-F7B7-4618-BF7F-769B58B4BF7C"
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:17.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "54FC4AB6-825A-418E-A625-F76602A4B57B"
}
],
"operator": "OR"
}
]
}
]