F5 Networks Warning
1695Warning Date
Severity Level
Warning Number
Target Sector
4 June, 2020
● High
2020-1316
All
Description:
F5 Networks has released a security update to address a vulnerability in the following products:
- BIG-IP
- 15.0.0 - 15.1.0
- 14.1.0 - 14.1.2
- 13.1.0 - 13.1.3
- 11.6.1 - 11.6.5
Threats:
Attacker could exploit the vulnerability by trigger a Denial of Service (DoS) attack.
Best practice and Recommendations:
The F5 Networks team encourages users to review apply the following mitigation:
- To prevent the BIG-IP system from being a tool in the attack, if you know the malicious domains being used with NXNSAttack, you can configure a Response Policy Zone (RPZ) to drop DNS traffic for these malicious domains.
- To reduce the chances of the BIG-IP system becoming the target victim of the DoS attack, you can consider only providing DNS cache service to trusted users or networks.
For more information: