F5 Networks Updates
1928Warning Date
Severity Level
Warning Number
Target Sector
26 May, 2021
● Medium
2021-2959
All
Description:
F5 Networks has released security updates to address multiple vulnerabilities in the following products:
- NGINX Controller
- 3.0.0 - 3.9.0
- NGINX Plus
- R13 - R24
- NGINX Open Source
- 0.6.18 - 1.20.0
- NGINX Ingress Controller
- Versions using NGINX Plus: 1.0.0 - 1.11.1
- Versions using NGINX Open Source: 1.0.0 - 1.11.2
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- Denial of service attack (DoS)
- Sensitive information disclosure
Best practice and Recommendations:
The CERT team encourages users to review F5 Networks security advisory: