F5 Products Multiple Vulnerabilities

Release Date: 17 Oct 2024 3768 Views

RISK: High Risk

High Risk

TYPE: Operating Systems - Networks OS

TYPE: Networks OS

Multiple vulnerabilities were identified in F5 Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege and cross-site scripting on the targeted system.

 

Note:

No patch is currently available for CVE-2019-10768, CVE-2019-14863, CVE-2022-25869, CVE-2023-26116, CVE-2023-26117 and CVE-2023-26118 of the affected products. Hence, the risk level is rated from Medium Risk to High Risk.

 

Impact

  • Denial of Service
  • Elevation of Privilege
  • Cross-Site Scripting

System / Technologies affected

BIG-IP (all modules)

  • 15.1.0 - 15.1.10
  • 16.1.0 - 16.1.5
  • 17.1.0 - 17.1.1

 

BIG-IQ Centralized Management

  • 8.2.0

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

 

Workaround:

 

For CVE-2019-10768, CVE-2019-14863, CVE-2022-25869, CVE-2023-26116, CVE-2023-26117 and CVE-2023-26118,  reduce the vulnerability of attacks by following workaround:

  1. Remove access for users who are not completely trusted

Vulnerability Identifier

Source

Related Link

Related Tags

F5Denial of ServiceElevation of PrivilegeCross Site Scripting

Share with

Previous

Kubernetes Multiple Vulnerabilities

17 Oct 2024 3119 Views

Next

Oracle Products Multiple Vulnerabilities

16 Oct 2024 3597 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY