Lucene search
F5F5:K000138732HistoryMay 08, 2024 - 12:00 a.m.
K000138732 : BIG-IP Next Central Manager OData Injection vulnerability CVE-2024-21793
2024-05-0800:00:00
my.f5.com
21
big-ip
odata injection
vulnerability
cve-2024-21793
unauthenticated
sql statements
Security Advisory Description
An OData injection vulnerability exists in the BIG-IP Next Central Manager API (URI). (CVE-2024-21793)
Impact
An unauthenticated attacker can exploit this vulnerability to execute malicious SQL statements through the BIG-IP NEXT Central Manager API (URI).
| Vendor | Product | Version | CPE |
|---|---|---|---|
| f5 | big\-ip_next | 20.0.1 | cpe:2.3:a:f5:big\-ip_next:20.0.1:*:*:*:*:*:*:* |
| f5 | big\-ip_next | 20.0.2 | cpe:2.3:a:f5:big\-ip_next:20.0.2:*:*:*:*:*:*:* |
| f5 | big\-ip_next | 20.1.0 | cpe:2.3:a:f5:big\-ip_next:20.1.0:*:*:*:*:*:*:* |
| f5 | big\-ip_next | 20.1.1 | cpe:2.3:a:f5:big\-ip_next:20.1.1:*:*:*:*:*:*:* |
| f5 | big\-ip_next | 20.2.0 | cpe:2.3:a:f5:big\-ip_next:20.2.0:*:*:*:*:*:*:* |
| f5 | big\-ip_next | 1.1.0 | cpe:2.3:a:f5:big\-ip_next:1.1.0:*:*:*:*:*:*:* |
| f5 | big\-ip_next | 1.1.1 | cpe:2.3:a:f5:big\-ip_next:1.1.1:*:*:*:*:*:*:* |
| f5 | big\-ip_next | 1.2.0 | cpe:2.3:a:f5:big\-ip_next:1.2.0:*:*:*:*:*:*:* |
| f5 | big\-ip_next | 1.2.1 | cpe:2.3:a:f5:big\-ip_next:1.2.1:*:*:*:*:*:*:* |
| f5 | big\-ip_next | 1.3.0 | cpe:2.3:a:f5:big\-ip_next:1.3.0:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2024-21793 BIG-IP Central Manager OData Injection Vulnerability
2024-05-08 15:01:28
nessus
nessus
F5 BIG-IP Next Central Manager < 20.2.0 SQLi (K000138732) (Direct Check)
2024-05-14 00:00:00
F5 BIG-IP Next Central Manager 20.0.1 < 20.2.0 OData Injection (K000138732)
2024-05-09 00:00:00
githubexploit
githubexploit
Exploit for CVE-2024-21793
2024-05-09 02:31:13
nvd
nvd
CVE-2024-21793
2024-05-08 15:15:07
cve
cve
CVE-2024-21793
2024-05-08 15:15:07
wallarmlab
wallarmlab
thn
thn
f5
f5
K000139404 : Quarterly Security Notification (May 2024)
2024-05-08 00:00:00