{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-03T03:55:56.708","vulnerabilities":[{"cve":{"id":"CVE-2023-45226","sourceIdentifier":"f5sirt@f5.com","published":"2023-10-10T13:15:22.383","lastModified":"2024-11-21T08:26:35.180","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"\nThe BIG-IP SPK TMM (Traffic Management Module) f5-debug-sidecar and f5-debug-sshd containers contains hardcoded credentials that may allow an attacker with the ability to intercept traffic to impersonate the SPK Secure Shell (SSH) server on those containers. This is only exposed when ssh debug is enabled.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated"},{"lang":"es","value":"Los contenedores BIG-IP SPK TMM (Módulo de gestión de tráfico) f5-debug-sidecar y f5-debug-sshd contienen credenciales codificadas que pueden permitir que un atacante con la capacidad de interceptar el tráfico, se haga pasar por el servidor SPK Secure Shell (SSH) en esos contenedores. Esto sólo se expone cuando la depuración ssh está habilitada. Nota: Las versiones de software que han llegado al End of Technical Support (EoTS) no se evalúan"}],"metrics":{"cvssMetricV31":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":5.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":5.2}]},"weaknesses":[{"source":"f5sirt@f5.com","type":"Secondary","description":[{"lang":"en","value":"CWE-798"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_next_service_proxy_for_kubernetes:1.5.0:*:*:*:*:*:*:*","matchCriteriaId":"7120EAB7-4BAE-4ECB-9613-91132FB1EEAD"}]}]}],"references":[{"url":"https://my.f5.com/manage/s/article/K000135874","source":"f5sirt@f5.com","tags":["Vendor Advisory"]},{"url":"https://my.f5.com/manage/s/article/K000135874","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}