F5 Networks Update
Warning Date: 19 November, 2020
Severity Level: Medium
Warning Number: 2020-2090
Target Sector: All
Description:
F5 Networks has released a security update to address a vulnerability in the following product:
- BIG-IP (LTM, AAM, Advanced WAF, AFM, Analytics, APM, ASM, DDHD, DNS, FPS, GTM, Link Controller, PEM, SSLO)
  - 16.0.0
  - 15.0.0 - 15.1.1
* Vulnerability in BIG-IP virtual server
Threats:
An attacker could exploit this vulnerability by conducting a TCP sequence prediction attack.
Best practice and Recommendations:
The CERT team encourages users to review the F5 Networks security advisory and apply the necessary updates:
To mitigate this vulnerability:
- Set the value for the system database variable "connection.syncookies.algorithm" to "software". This procedure may increase the CPU usage of the BIG-IP system.
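
A way to check a device against the versions and the mitigation listed above, as an added example that is not F5 or CERT code. The function names are hypothetical, the tmsh output shapes are assumed, and point releases such as 15.1.0.5 are treated as inside the listed range (confirm against the F5 advisory).

```shell
#!/usr/bin/env bash
# Added example (not F5 or CERT code). Function names are hypothetical.

# "15.1.0.5" -> 150100: compare on the first three fields only (assumption:
# a point release such as 15.1.0.5 is treated as inside 15.0.0 - 15.1.1).
ver_to_int() {
    local IFS=.
    set -- $1
    echo $(( ${1:-0} * 10000 + ${2:-0} * 100 + ${3:-0} ))
}

# True when the version is one the advisory lists: 16.0.0 or 15.0.0 - 15.1.1.
is_affected() {
    local v; v=$(ver_to_int "$1")
    [ "$v" -eq 160000 ] || { [ "$v" -ge 150000 ] && [ "$v" -le 150101 ]; }
}

# Read `tmsh list sys db ...` output on stdin and print the unquoted value.
db_value() {
    awk '$1 == "value" { gsub(/"/, "", $2); print $2; exit }'
}

# $1 = version string, $2 = text of the `tmsh list sys db` output.
audit() {
    local val; val=$(printf '%s\n' "$2" | db_value)
    if ! is_affected "$1"; then echo "not-listed"
    elif [ "$val" = "software" ]; then echo "mitigated"
    else echo "unmitigated"
    fi
}

# Constructed samples of the db listing; "example-other" is a placeholder
# standing for any value other than "software".
SAMPLE_OTHER='sys db connection.syncookies.algorithm {
    value "example-other"
}'
SAMPLE_SOFTWARE='sys db connection.syncookies.algorithm {
    value "software"
}'

# On a BIG-IP, audit the live system; elsewhere this branch is skipped.
if command -v tmsh >/dev/null 2>&1; then
    ver=$(tmsh show sys version | awk '$1 == "Version" { print $2; exit }')
    audit "$ver" "$(tmsh list sys db connection.syncookies.algorithm)"
    # Mitigation from the advisory (expect higher CPU usage afterwards):
    #   tmsh modify sys db connection.syncookies.algorithm value software
fi
```

A result of "not-listed" means only that the version is not among those named in this warning.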