F5 Networks Alerts
1785Warning Date
Severity Level
Warning Number
Target Sector
25 August, 2021
● High
2021-3410
All
Description:
F5 Networks has released security alerts to address multiple vulnerabilities in the following products:
- BIG-IP
- 16.0.0 - 16.1.0
- 15.1.0 - 15.1.3
- 14.1.0 - 14.1.4
- 13.1.0 - 13.1.4
- 12.1.0 - 12.1.6
- 11.6.1 - 11.6.5
- 7.0
- 6.0
- 5.0
- 4.1
- 3.0
- Vulnerability in:
- TMUI
- compression functions
- BIG-IP Advanced WAF and ASM
- TMM
- GTP iRules
- GTP profiles
- OCSP authentication module,
- Guided Configuration control plane,
- TMM on AWS,
- BIG-IP APM access profile,
- TMUI
- iRuleLX, BIG-IP DNS,
- BIG-IP ASM MySQL database
- bd process,
- WebSocket processing,
- iControl SOAP
- TMUI/Configuration utility
- BIG-IQ Centralized Management
- 8.0.0 - 8.1.0
- 7.0.0 - 7.1.0
- 6.0.0 - 6.1.0
- Vulnerability in:
- iControl SOAP
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- Denial of service (DoS)- remotely
- Cross-site scripting (XSS)
- Cross-site request forgery (CSRF).
- Execute arbitrary code
Best practice and Recommendations:
The CERT team encourages users to review F5 Networks security advisory:
- https://support.f5.com/csp/article/K21435974
- https://support.f5.com/csp/article/K35408374
- https://support.f5.com/csp/article/K70415522
- https://support.f5.com/csp/article/K45407662
- https://support.f5.com/csp/article/K36942191
- https://support.f5.com/csp/article/K05043394
- https://support.f5.com/csp/article/K44553214
- https://support.f5.com/csp/article/K42526507
- https://support.f5.com/csp/article/K24301698
- https://support.f5.com/csp/article/K05314769
- https://support.f5.com/csp/article/K52420610
- https://support.f5.com/csp/article/K63163637
- https://support.f5.com/csp/article/K53854428
- https://support.f5.com/csp/article/K42051445
- https://support.f5.com/csp/article/K00602225
- https://support.f5.com/csp/article/K05391775
- https://support.f5.com/csp/article/K94255403
- https://support.f5.com/csp/article/K30150004
- https://support.f5.com/csp/article/K30291321
- https://support.f5.com/csp/article/K49549213
- https://support.f5.com/csp/article/K48321015
- https://support.f5.com/csp/article/K93231374
- https://support.f5.com/csp/article/K94941221
- https://support.f5.com/csp/article/K70652532
- https://support.f5.com/csp/article/K79428827
- https://support.f5.com/csp/article/K19012930
- https://support.f5.com/csp/article/K14903688
- https://support.f5.com/csp/article/K55543151
- https://support.f5.com/csp/article/K65397301
- https://support.f5.com/csp/article/K01153535
- https://support.f5.com/csp/article/K32734107
- https://support.f5.com/csp/article/K66782293
- https://support.f5.com/csp/article/K61643620
- https://support.f5.com/csp/article/K30523121
- https://support.f5.com/csp/article/K50974556