QID 379413

Date Published: 2024-02-27

QID 379413: BIG-IP cURL Multiple Vulnerabilities (K000138650)

CVE-2023-46218: This flaw allows a malicious HTTP server to set "super cookies" in curl: cookies that curl then sends back to more origins than the cookie rules otherwise allow. A site could thereby set cookies that are sent to different, unrelated sites and domains. The cause is a mixed-case flaw in the curl function that verifies a cookie's Domain attribute against the Public Suffix List (PSL): the domain was checked against the PSL before being lowercased, so a public suffix written in mixed case (for example co.UK rather than co.uk) was not recognised as one, while the lowercased form was then stored and matched against every host under that suffix.
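The following is an added example, not curl's own code, that models the check described above: a cookie's Domain attribute must be rejected when it is a public suffix, and the vulnerable variant consults the suffix list with the domain in the case the server sent it and lowercases it only afterwards, while the fixed variant lowercases first. The PUBLIC_SUFFIXES set is a constructed stand-in for the real PSL, and the host names used are constructed.

```python
# Added example (not curl's code): model of the cookie-domain PSL check
# behind CVE-2023-46218. Constructed, tiny stand-in for the Public Suffix
# List; the real list is published in lowercase, which is what the flaw
# turns on.
PUBLIC_SUFFIXES = {"com", "org", "uk", "co.uk", "github.io"}


def is_public_suffix(domain: str) -> bool:
    """Exact (case-sensitive) lookup, as a PSL lookup on raw input would be."""
    return domain in PUBLIC_SUFFIXES


def accept_cookie_domain_vulnerable(request_host: str, cookie_domain: str):
    """Pre-fix order: PSL check on the raw domain, lowercase afterwards.
    Returns the stored domain, or None if the cookie is rejected."""
    host = request_host.lower()
    raw = cookie_domain.lstrip(".")
    if is_public_suffix(raw):          # "co.UK" is not in the list, so it passes
        return None
    domain = raw.lower()               # ...and is stored as "co.uk"
    if not (host == domain or host.endswith("." + domain)):
        return None                    # domain must still cover the request host
    return domain


def accept_cookie_domain_fixed(request_host: str, cookie_domain: str):
    """Fixed order: lowercase first, then check against the PSL."""
    host = request_host.lower()
    domain = cookie_domain.lstrip(".").lower()
    if is_public_suffix(domain):       # "co.UK" -> "co.uk" -> rejected
        return None
    if not (host == domain or host.endswith("." + domain)):
        return None
    return domain


def cookie_sent_to(stored_domain: str, target_host: str) -> bool:
    """Domain-match rule: a cookie stored for 'co.uk' goes to every *.co.uk host."""
    target = target_host.lower()
    return target == stored_domain or target.endswith("." + stored_domain)


if __name__ == "__main__":
    # Constructed scenario: evil.co.uk replies with Domain=co.UK.
    stored = accept_cookie_domain_vulnerable("evil.co.uk", "co.UK")
    print("vulnerable stored:", stored, "-> sent to bank.co.uk:",
          cookie_sent_to(stored, "bank.co.uk") if stored else False)
    print("fixed stored:", accept_cookie_domain_fixed("evil.co.uk", "co.UK"))
```

The lowercase spelling co.uk is rejected by both variants; only the mixed-case spelling slips past the vulnerable order, which is why the defect is a case-handling bug rather than a missing check.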

Affected Versions:
F5 BIG-IP (AFM) version 17.1.0 - 17.1.1
F5 BIG-IP (AFM) version 16.1.0 - 16.1.4
F5 BIG-IP (AFM) version 15.1.0 - 15.1.10

QID Detection Logic (Authenticated):
This QID checks for a vulnerable version of F5 BIG-IP by running the 'tmsh -q show /sys version' command and comparing the reported version against the affected ranges.
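An added example of that version check (not Qualys' detection code): it parses the Version line of 'tmsh -q show /sys version' output and tests it against the affected ranges listed in this QID. The sample output below is constructed and its layout is an assumption about the command's usual 'Sys::Version' listing; the function names are illustrative. Because this page does not list the fixed releases, the check only says whether a version falls inside the listed ranges, and the fixed versions in K000138650 must be consulted before treating a point release as patched.

```python
import re
import subprocess

# Constructed sample output; the layout is assumed, not copied from a device.
SAMPLE_OUTPUT = """\
Sys::Version
Main Package
  Product     BIG-IP
  Version     16.1.3
  Build       0.0.12
  Edition     Final
  Date        Wed Jun 15 11:09:32 PDT 2022
"""

# Affected ranges as listed in this QID (inclusive). Fixed releases are
# published in K000138650 and are not encoded here.
AFFECTED_RANGES = [
    ((17, 1, 0), (17, 1, 1)),
    ((16, 1, 0), (16, 1, 4)),
    ((15, 1, 0), (15, 1, 10)),
]


def parse_version(output: str) -> tuple:
    """Extract the 'Version' line from tmsh output as a tuple of ints."""
    m = re.search(r"^\s*Version\s+(\d+(?:\.\d+)+)", output, re.MULTILINE)
    if not m:
        raise ValueError("no Version line found in tmsh output")
    return tuple(int(p) for p in m.group(1).split("."))


def is_in_affected_range(version: tuple) -> bool:
    """Compare on the first three components, so 16.1.3.1 is treated as 16.1.3.
    Point releases that K000138650 lists as fixed must be excluded separately."""
    major_minor_maint = (version + (0, 0, 0))[:3]
    return any(lo <= major_minor_maint <= hi for lo, hi in AFFECTED_RANGES)


def check_tmsh_output(output: str):
    """Return (version string, affected?) for a block of tmsh output."""
    v = parse_version(output)
    return ".".join(str(p) for p in v), is_in_affected_range(v)


def check_local_device():
    """Run the same command this QID uses on the BIG-IP itself (requires tmsh)."""
    out = subprocess.run(["tmsh", "-q", "show", "/sys", "version"],
                         capture_output=True, text=True, check=True).stdout
    return check_tmsh_output(out)


if __name__ == "__main__":
    print(check_tmsh_output(SAMPLE_OUTPUT))
```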

Impact: exploitation requires that custom scripts on the BIG-IP use curl with cookie handling enabled. A malicious HTTP server contacted by such a script could set super cookies that curl then sends to unrelated domains.

  • CVSS V3 base score: 6.5 (Medium on the CVSS v3 qualitative scale).
  • CVSS V2 base score: 2.1 (Low).
  • Solution
    Upgrade to one of the fixed versions released by the vendor in K000138650.
    Vendor References

    CVEs related to QID 379413: CVE-2023-46218

    Software Advisories
    Advisory ID    Software Component    Link
    K000138650     BIG-IP                https://my.f5.com/manage/s/article/K000138650