CVE-2024-23603

CVSS 3.1 Score 3.8 of 10 (low)

Details

Published Feb 14, 2024

CWE ID 89

Summary

CVE-2024-23603 is a newly disclosed SQL injection vulnerability affecting the BIG-IP Configuration utility. An attacker can exploit this vulnerability by injecting malicious SQL commands into an undisclosed page of the utility. Successful exploitation could lead to unauthorized access, data theft, or system compromise. It is essential to note that versions of the software beyond the End of Technical Support (EoTS) are not evaluated for this vulnerability. Therefore, organizations using affected versions should prioritize updates to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uXogkX
https://www.cve.org/CVERecord?id=CVE-2024-23603
https://nvd.nist.gov/vuln/detail/CVE-2024-23603

Back to Vulnerability Database

CVE-2024-23603

CVSS 3.1 Score 3.8 of 10 (low)

Details

Summary

Advisories, Assessments, and Mitigations