Critical vulnerabilities found in F5 Networks BIG-IP platform

warning symbol
Source: PashaIgnatov | Getty Images

Network admins with certain app delivery controllers and central management devices from F5 Networks are urged to install the latest security updates after the discovery of seven vulnerabilities, four of which are rated as critical.

In an alert issued March 11 the company said all of the vulnerabilities are in BIG-IP versions 16.0.1.1, 15.1.2.1, 14.1.4, 13.1.3.6, 12.1.5.3, and 11.6.5.3. One affects BIG-IQ versions 8.0.0, 7.1.0.3, and 7.0.0.2.

“We urge all customers to update their BIG-IP and BIG-IQ deployments to the fixed versions as soon as possible,” executive vice-president Kara Sprague wrote in a March 10 blog post.

Those who can’t update systems immediately should apply mitigations in security advisories while developing a plan to complete the updates. Additional resources are available at the F5 vulnerability response site. 

UPDATE: On March 19th the company said it has started seeing attackers trying to exploit the vulnerabilities.

The vulnerabilities are:

Security researchers note that it doesn’t take long after a vendor announces a serious vulnerability for attackers to try to exploit unpatched devices.

Would you recommend this article?

0
0

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication. Click this link to send me a note →

Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

Related Tech News