F5 Networks Updates
1665Warning Date
Severity Level
Warning Number
Target Sector
17 December, 2020
● High
2020-2223
All
Description:
F5 Networks has released a security updates to address multiple vulnerabilities in the following versions of BIG-IP:
- BIG-IP (DNS, GTM ,Link Controller)
- 15.0.0 - 15.1.0
- 14.1.0 - 14.1.2
- 13.1.0 - 13.1.3
- 12.1.0 - 12.1.5
- 11.5.2 - 11.6.5
- BIG-IP (APM)
- 15.0.0 - 15.1.0
- 14.1.0 - 14.1.2
- 13.1.0 - 13.1.3
- BIG-IP (LTM/CGNAT)
- 16.0.0
- 15.1.0
- 14.1.0 - 14.1.3
- 13.1.0 - 13.1.3
- BIG-IP (ASM, Advanced WAF )
- 16.0.0
- 15.0.0 - 15.1.0
- 14.1.0 - 14.1.3
- 13.1.0 - 13.1.3
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- Unauthorized disclosure of information
- Cross-site scripting (XSS) attack
- Denial of service attack (DoS)
Best practice and Recommendations:
The CERT team encourages users to review F5 Networks security advisory and apply the necessary updates and best practices:
- https://support.f5.com/csp/article/K43850230
- https://support.f5.com/csp/article/K42933418
- https://support.f5.com/csp/article/K04048104
- https://support.f5.com/csp/article/K51574311
- https://support.f5.com/csp/article/K25691186
- https://support.f5.com/csp/article/K73657294
- https://support.f5.com/csp/article/K50343630
- https://support.f5.com/csp/article/K58102101
- https://support.f5.com/csp/article/K45143221
- https://support.f5.com/csp/article/K19166530
- https://support.f5.com/csp/article/K04518313
- https://support.f5.com/csp/article/K25595031
- https://support.f5.com/csp/article/K15310332
- https://support.f5.com/csp/article/K52035247
- https://support.f5.com/csp/article/K30343902
- https://support.f5.com/csp/article/K60344652