More than 8,450 F5 Networks customers exposed to vulnerabilities

More than 8,450 F5 Networks customers exposed to vulnerabilities Cybersecurity

Companies using F5 Networks Big-IP solutions need to update their products. Two security vulnerabilities, including one critical, have been identified in the traffic management user interface and the application flow controller configuration utility.

F5 Networks Big-IP solutions specialized in the field of application flow control are exposed to a feat of vulnerability. Customers who use them, evaluated at more than 8,540 worldwide, almost half of which are in the United States, must imperatively carry out product updates. Most of the companies using these solutions are large accounts widely represented in the Fortune 500 classification. Two security vulnerabilities have been identified: one in the traffic management user interface and the other in the configuration utility of the application flow controller.

“The vulnerable versions of BIG-IP (11.6.x, 12.1.x, 13.1.x, 14.1.x, 15.0.x, 15.1.x) must be replaced by the corresponding updated versions (11.6.5.2, 12.1. 5.2, 13.1. 3.4, 14.1.2.6, 15.1.0.4). Users of public cloud marketplaces such as AWS, Azure, GCP and Alibaba must upgrade to versions 11.6.5.2, 12.1.5.2, 13.1.3.4, 14.1.2.6, 15.0.1.4 or 15.1 of BIG-IP Virtual Edition ( VE). 0.4, if available, “said security expert Mikhail Klyuchnikov at Positive Technologies behind the discovery of these flaws.

A risk of total system compromise

The vulnerability CVE-2020-5902 has received a CVSS score of 10 indicating the highest possible risk of danger. “This vulnerability allows unauthenticated attackers or authenticated users, with network access to the TMUI, via the BIG-IP management port and / or Self IPs, to execute arbitrary system commands, to create or to delete files, disable services and / or execute arbitrary Java Code. This vulnerability can lead to a complete system compromise. The BIG-IP system in Appliance mode is also vulnerable. This problem is not discussed on the data plane; only the control plan is affected, ”warns F5 Networks.

The CVE-2020-5903 flaw has a slightly lower score (7.5) but is a threat not to be underestimated. It allows you to run malicious JavaScript code. If the user has administrator privileges and access to Advanced Shell (bash), successful operation can lead to a complete compromise of BIG-IP via remote code execution.

Source: www.lemondeinformatique.fr

Rate article