漏洞平台

POC详情： 9eaf5e1adb403b48044c036abc89203b17fb5a94

来源

https://github.com/maniak-academy/Mitigate-CVE-2023-46747

关联漏洞

标题： F5 BIG-IP Configuration utility 安全漏洞 (CVE-2023-46747)
描述：F5 BIG-IP是美国F5公司的一款集成了网络流量管理、应用程序安全管理、负载均衡等功能的应用交付平台。 F5 BIG-IP Configuration utility存在安全漏洞，该漏洞源于存在远程代码执行（RCE）漏洞。攻击者可利用该漏洞通过management port或self IP addresses执行任意系统命令。

介绍

# Ansible Playbook to Mitigate CVE-2023-46747

##  K000137353: BIG-IP Configuration utility unauthenticated remote code execution vulnerability CVE-2023-46747
Here is the link  https://my.f5.com/manage/s/article/K000137353

## How to use it

1. Git clone my repo https://github.com/maniak-academy/Mitigate-CVE-2023-46747.git
2. Update the hosts.ini if you bigip information
3. execute the playbook 

```
ansible-playbook -i hosts.ini playbook.yaml   
```


Here is the output.

PLAY [Execute script on F5 BIG-IP] ****************************************************************************************************************

TASK [Copy the script to the BIG-IP] **************************************************************************************************************
changed: [172.16.10.31]
changed: [172.16.10.30]

TASK [Execute the script on the BIG-IP] ***********************************************************************************************************
changed: [172.16.10.30]
changed: [172.16.10.31]

TASK [Save script output messages] ****************************************************************************************************************
ok: [172.16.10.30]
ok: [172.16.10.31]

TASK [Aggregate script output messages on localhost] **********************************************************************************************
ok: [172.16.10.30 -> localhost] => (item=Applying ID1378329 mitigation...)
ok: [172.16.10.30 -> localhost] => (item=Restarting httpd...)
ok: [172.16.10.31 -> localhost] => (item=Applying ID1378329 mitigation...)
)k: [172.16.10.30 -> localhost] => (item=Stopping httpd: [  OK  ]
ok: [172.16.10.31 -> localhost] => (item=Restarting httpd...)
)k: [172.16.10.30 -> localhost] => (item=Starting httpd: [  OK  ]
)k: [172.16.10.31 -> localhost] => (item=Stopping httpd: [  OK  ]
)k: [172.16.10.31 -> localhost] => (item=Starting httpd: [  OK  ]
ok: [172.16.10.30 -> localhost] => (item=Restarting tomcat...)
ok: [172.16.10.30 -> localhost] => (item=Done!)
ok: [172.16.10.31 -> localhost] => (item=Restarting tomcat...)
ok: [172.16.10.31 -> localhost] => (item=Done!)

文件快照

 [4.0K]  /data/pocs/9eaf5e1adb403b48044c036abc89203b17fb5a94
├── [  36]  ansible.cfg
├── [ 186]  hosts.ini
├── [4.0K]  mitigation.sh
├── [1.8K]  playbook.yaml
└── [2.1K]  README.md

0 directories, 5 files

神龙机器人已为您缓存

备注

1. 建议优先通过来源进行访问。

2. 如果因为来源失效或无法访问，请发送邮箱到 f.jinxu#gmail.com 索取本地快照（把 # 换成 @）。

3. 神龙已为您对POC代码进行快照，为了长期维护，请考虑为本地POC付费，感谢您的支持。