CVE-2023-39447

{"id": "CVE-2023-39447", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "f5sirt@f5.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.4, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 0.8}]}, "published": "2023-10-10T13:15:20.613", "references": [{"url": "https://my.f5.com/manage/s/article/K47756555", "tags": ["Vendor Advisory"], "source": "f5sirt@f5.com"}, {"url": "https://my.f5.com/manage/s/article/K47756555", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "f5sirt@f5.com", "description": [{"lang": "en", "value": "CWE-532"}]}], "descriptions": [{"lang": "en", "value": "\nWhen BIG-IP APM Guided Configurations are configured, undisclosed sensitive information may be logged in restnoded log.\u00a0\u00a0\n\nNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n\n\n\n"}, {"lang": "es", "value": "Cuando se configura BIG-IP APM Guided Configurations, es posible que se registre informaci\u00f3n confidencial no divulgada en restnoded log. Nota: Las versiones de software que han llegado al End of Technical Support (EoTS) no se eval\u00faan."}], "lastModified": "2024-11-21T08:15:26.793", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "48743FD4-1E72-4550-92D6-F06D6D0AF142", "versionEndExcluding": "15.1.8", "versionStartIncluding": "15.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A8F16422-A642-4614-96F2-E5B4877E8206", "versionEndExcluding": "16.1.4", "versionStartIncluding": "16.1.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:17.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD637AF5-F7D1-428F-955E-16756B7476E0"}, {"criteria": "cpe:2.3:a:f5:big-ip_guided_configuration:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C36042F8-9B48-4E0D-ABC1-F10BE2A49CB8", "versionEndIncluding": "7.7", "versionStartIncluding": "7.0"}, {"criteria": "cpe:2.3:a:f5:big-ip_guided_configuration:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "63E1215D-2724-4249-B0FD-16C32480A11D"}, {"criteria": "cpe:2.3:a:f5:big-ip_guided_configuration:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6AED33D2-594D-4057-A7D5-041665AA6E07"}], "operator": "OR"}]}], "sourceIdentifier": "f5sirt@f5.com"}