F5 Products Denial of Service Vulnerability
Release Date:
26 Mar 2024
3359
Views
RISK: High Risk
TYPE: Operating Systems - Networks OS
A vulnerability was identified in F5 Products. A remote attacker could exploit this vulnerability to trigger denial of service condition on the targeted system.
Note:
No patch is currently available for CVE-2023-4408 of the affected products.
Impact
- Denial of Service
System / Technologies affected
BIG-IP (all modules)
- 17.1.0 - 17.1.1
- 16.1.0 - 16.1.4
- 15.1.0 - 15.1.10
BIG-IQ Centralized Management
- 8.1.0 - 8.3.0
Solutions
Please visit the vendor web-site for more details.
Apply workarounds issued by the vendor:
Workaround:
Reduce the vulnerability of attacks by following workaround:
- Ensuring that TCP/UDP port 53 is not allowed as a default service (allow-service default)
- Disabling the Use BIND Server on BIG-IP option in the DNS profile
Vulnerability Identifier
Source
Related Link
Related Tags
Share with