F5 Networks Update
1886Warning Date
Severity Level
Warning Number
Target Sector
7 May, 2020
● Medium
2020-1212
All
Description:
F5 Networks has released a security update to address two vulnerabilities in the following product:
- NGINX Controller
- 3.0.0 - 3.3.0
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- Denial of Service (DoS) attack.
- Use the session token before it expires on the server-side, even if the valid user has logged out.
Best practice and Recommendations:
The CERT team encourages users to review F5 Networks security advisory and apply the necessary update: