CVE-2023-29240
EUVD-2023-3281703.05.2023, 15:15
An authenticated attacker granted a Viewer or Auditor role on a BIG-IQ can upload arbitrary files using an undisclosed iControl REST endpoint. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| f5 | big-iq_centralized_management | 8.0.0 ≤ 𝑥 < 8.3.0 |
𝑥
= Vulnerable software versions