
Critical F5 BIG-IP bug impacts customers in sensitive sectors



F5, the company behind BIG-IP, has fixed more than a dozen high-severity vulnerabilities in its networking device, one of them being elevated to critical severity under specific conditions.

The issues are part of this month's delivery of security updates, which addresses almost 30 vulnerabilities for multiple F5 devices.

Critical bug for sensitive sectors

Of the 13 high-severity flaws that F5 fixed, one becomes critical in a configuration “designed to meet the needs of customers in especially sensitive sectors” and could lead to full system compromise.

The issue is now tracked as CVE-2021-23031 and affects the BIG-IP modules Advanced WAF (Web Application Firewall) and Application Security Manager (ASM), specifically the Traffic Management User Interface (TMUI).

Normally, it is a privilege escalation with an 8.8 severity score that can be exploited by an authenticated attacker with access to the Configuration utility to run arbitrary system commands, which could lead to full system compromise.

For customers using Appliance mode, which applies some technical restrictions, the same vulnerability comes with a critical rating of 9.9 out of 10.

F5’s security advisory for CVE-2021-23031 does not provide many details on why there are two severity ratings, but notes that there is a “limited number of customers” that are impacted by the critical variant of the bug unless they install the updated version or apply mitigations.

For organizations where updating the devices is not possible, F5 says that the only way to defend against possible exploitation is to limit access to the Configuration utility to completely trusted users only.

Apart from CVE-2021-23031, the dozen high-severity security bugs that F5 addressed this month come with risk scores between 7.2 and 7.5. Half of them affect all modules, five impact the Advanced WAF and ASM, and one affects the DNS module.

| CVE / Bug ID | Severity | CVSS score | Affected products | Affected versions | Fixes introduced in |
|---|---|---|---|---|---|
| CVE-2021-23025 | High | 7.2 | BIG-IP (all modules) | 15.0.0 – 15.1.0; 14.1.0 – 14.1.3; 13.1.0 – 13.1.3; 12.1.0 – 12.1.6; 11.6.1 – 11.6.5 | 16.0.0; 15.1.0.5; 14.1.3.1; 13.1.3.5 |
| CVE-2021-23026 | High | 7.5 | BIG-IP (all modules) | 16.0.0 – 16.0.1; 15.1.0 – 15.1.2; 14.1.0 – 14.1.4; 13.1.0 – 13.1.4; 12.1.0 – 12.1.6; 11.6.1 – 11.6.5 | 16.1.0; 16.0.1.2; 15.1.3; 14.1.4.2; 13.1.4.1 |
| | | | BIG-IQ | 8.0.0 – 8.1.0; 7.0.0 – 7.1.0; 6.0.0 – 6.1.0 | None |
| CVE-2021-23027 | High | 7.5 | BIG-IP (all modules) | 16.0.0 – 16.0.1; 15.1.0 – 15.1.2; 14.1.0 – 14.1.4 | 16.1.0; 16.0.1.2; 15.1.3.1; 14.1.4.3 |
| CVE-2021-23028 | High | 7.5 | BIG-IP (Advanced WAF, ASM) | 16.0.0 – 16.0.1; 15.1.0 – 15.1.3; 14.1.0 – 14.1.4; 13.1.0 – 13.1.3 | 16.1.0; 16.0.1.2; 15.1.3.1; 14.1.4.2; 13.1.4 |
| CVE-2021-23029 | High | 7.5 | BIG-IP (Advanced WAF, ASM) | 16.0.0 – 16.0.1 | 16.1.0; 16.0.1.2 |
| CVE-2021-23030 | High | 7.5 | BIG-IP (Advanced WAF, ASM) | 16.0.0 – 16.0.1; 15.1.0 – 15.1.3; 14.1.0 – 14.1.4; 13.1.0 – 13.1.4; 12.1.0 – 12.1.6 | 16.1.0; 16.0.1.2; 15.1.3.1; 14.1.4.3; 13.1.4.1 |
| CVE-2021-23031 | High / Critical – Appliance mode only | 8.8 / 9.9 | BIG-IP (Advanced WAF, ASM) | 16.0.0 – 16.0.1; 15.1.0 – 15.1.2; 14.1.0 – 14.1.4; 13.1.0 – 13.1.3; 12.1.0 – 12.1.5; 11.6.1 – 11.6.5 | 16.1.0; 16.0.1.2; 15.1.3; 14.1.4.1; 13.1.4; 12.1.6; 11.6.5.3 |
| CVE-2021-23032 | High | 7.5 | BIG-IP (DNS) | 16.0.0 – 16.0.1; 15.1.0 – 15.1.3; 14.1.0 – 14.1.4; 13.1.0 – 13.1.4; 12.1.0 – 12.1.6 | 16.1.0; 15.1.3.1; 14.1.4.4 |
| CVE-2021-23033 | High | 7.5 | BIG-IP (Advanced WAF, ASM) | 16.0.0 – 16.0.1; 15.1.0 – 15.1.3; 14.1.0 – 14.1.4; 13.1.0 – 13.1.4; 12.1.0 – 12.1.6 | 16.1.0; 15.1.3.1; 14.1.4.3; 13.1.4.1 |
| CVE-2021-23034 | High | 7.5 | BIG-IP (all modules) | 16.0.0 – 16.0.1; 15.1.0 – 15.1.3 | 16.1.0; 15.1.3.1 |
| CVE-2021-23035 | High | 7.5 | BIG-IP (all modules) | 14.1.0 – 14.1.4 | 14.1.4.4 |
| CVE-2021-23036 | High | 7.5 | BIG-IP (Advanced WAF, ASM, DataSafe) | 16.0.0 – 16.0.1 | 16.1.0; 16.0.1.2 |
| CVE-2021-23037 | High | 7.5 | BIG-IP (all modules) | 16.0.0 – 16.1.0; 15.1.0 – 15.1.3; 14.1.0 – 14.1.4; 13.1.0 – 13.1.4; 12.1.0 – 12.1.6; 11.6.1 – 11.6.5 | None |
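As an added example (not part of the original article or of F5's advisory), the following script triages a device inventory against the CVE-2021-23031 entry of the table above, for devices with Advanced WAF or ASM provisioned. The host names and inventory are constructed, and the handling of point releases (treating 15.1.2.1 as part of the 15.1.2 entry until the branch's fixed release) is an assumption about how the ranges are meant to be read.

```python
# Affected ranges and fixed releases for CVE-2021-23031, copied from the table.
AFFECTED = [("16.0.0", "16.0.1"), ("15.1.0", "15.1.2"), ("14.1.0", "14.1.4"),
            ("13.1.0", "13.1.3"), ("12.1.0", "12.1.5"), ("11.6.1", "11.6.5")]
FIXED = ["16.1.0", "16.0.1.2", "15.1.3", "14.1.4.1", "13.1.4", "12.1.6", "11.6.5.3"]


def parse(version):
    """'14.1.4.1' -> (14, 1, 4, 1); missing components are padded with zeros."""
    parts = [int(p) for p in version.strip().split(".")]
    return tuple(parts + [0] * (4 - len(parts)))


def triage(version, appliance_mode=False):
    """Return (status, severity, first fixed release on the same branch)."""
    v = parse(version)
    for low, high in AFFECTED:
        # Assumption: ranges name major.minor.maintenance only, so a point
        # release is matched on its first three components. Comparing the
        # full version against the upper bound would wrongly clear 15.1.2.1.
        if not (parse(low)[:3] <= v[:3] <= parse(high)[:3]):
            continue
        # Fixed releases on the same major.minor branch, lowest first.
        branch = sorted((parse(f), f) for f in FIXED if parse(f)[:2] == v[:2])
        fix_tuple, fix = branch[0] if branch else (None, None)
        if fix_tuple is not None and v >= fix_tuple:
            return ("fixed", None, None)
        # The article gives 8.8 normally and 9.9 when Appliance mode is in use.
        severity = "Critical 9.9" if appliance_mode else "High 8.8"
        return ("affected", severity, fix)
    return ("not in affected range", None, None)


# Constructed inventory: (host, running version, Appliance mode enabled).
INVENTORY = [("waf-edge-01", "15.1.2.1", True),
             ("waf-dc-02", "14.1.4.1", False),
             ("waf-dc-03", "12.1.5.3", False),
             ("waf-lab-04", "16.1.0", False)]

if __name__ == "__main__":
    for host, version, appliance in INVENTORY:
        status, severity, fix = triage(version, appliance)
        print(f"{host:12} {version:10} {status:22} {severity or '-':13} fix: {fix or '-'}")
```

Devices reported as affected that cannot be upgraded fall under the mitigation the article cites: restrict Configuration utility access to completely trusted users.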

The flaws range from authenticated remote command execution to cross-site scripting (XSS) and request forgery, to insufficient permission and denial-of-service.

The full list of security fixes includes less severe bugs (medium and low) and is available in F5’s advisory.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released a notification about F5’s security advisory, encouraging users and administrators to review the information from the company and install the software updates or apply the necessary mitigations.


