漏洞标题
BigIP DNS TMUI 漏洞CVE-2022-33947
漏洞描述信息
BIG-IP DNS TMUI 漏洞 CVE-2022-33947
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
漏洞类别
N/A
漏洞标题
BIG-IP DNS TMUI Vulnerability CVE-2022-33947
漏洞描述信息
In BIG-IP Versions 16.1.x before 16.1.3, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, a vulnerability exists in undisclosed pages of the BIG-IP DNS Traffic Management User Interface (TMUI) that allows an authenticated attacker with at least operator role privileges to cause the Tomcat process to restart and perform unauthorized DNS requests and operations through undisclosed requests. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
漏洞类别
可信数据的反序列化
漏洞标题
F5 BIG-IP 代码问题漏洞
漏洞描述信息
F5 BIG-IP是美国F5公司的一款集成了网络流量管理、应用程序安全管理、负载均衡等功能的应用交付平台。 F5 BIG-IP存在安全漏洞。具有操作员角色权限且经过身份验证的攻击者可以导致 Tomcat 进程重新启动并通过未公开的请求执行未经授权的 DNS 请求和操作。
CVSS信息
N/A
漏洞类别
代码问题