ET INFO F5 BIG-IP - Successful Password Reset Attempt - Observed Post CVE-2023-46747 ActivitySource: et/open
alert http $HOME_NET any -> any any (msg:"ET INFO F5 BIG-IP - Successful Password Reset Attempt - Observed Post CVE-2023-46747 Activity"; flow:established,to_client; flowbits:isset,ET.CVE-2023-46747.pw.request; http.stat_code; content:"200"; http.response_body; content:"/mgmt/tm/auth/user/"; content:"|22|description|22|"; content:"|22|encryptedPassword|22|"; content:"|22|role|22|"; reference:url,packetstormsecurity.com/files/175673/F5-BIG-IP-TMUI-AJP-Smuggling-Remote-Command-Execution.html; classtype:successful-admin; sid:2049258; rev:1; metadata:attack_target Networking_Equipment, created_at 2023_11_20, deployment Perimeter, deployment SSLDecrypt, former_category INFO, performance_impact Low, confidence High, signature_severity Informational, updated_at 2023_11_20; target:src_ip;)
Reference
URLhttp://packetstormsecurity.com/files/175673/F5-BIG-IP-TMUI-AJP-Smuggling-Remote-Command-Execution.html
Metadata
attack_targetNetworking_Equipment
created_at2023_11_20
deploymentPerimeter
deploymentSSLDecrypt
former_categoryINFO
performance_impactLow
confidenceHigh
signature_severityInformational
updated_at2023_11_20
FlowbitAction
ET.CVE-2023-46747.pw.requestisset