F5 Products Denial of Service Vulnerability

March 26, 2024

A vulnerability was identified in F5 Products. A remote attacker could exploit this vulnerability to trigger denial of service condition on the targeted system.

 

Note:

No patch is currently available for CVE-2023-4408 of the affected products.

RISK: High Risk

High Risk

TYPE: Operating Systems – Networks OS

TYPE: Networks OS

Impact

  • Denial of Service

System / Technologies affected

BIG-IP (all modules)

 

  • 17.1.0 – 17.1.1
  • 16.1.0 – 16.1.4
  • 15.1.0 – 15.1.10 

 

BIG-IQ Centralized Management

 

  • 8.1.0 – 8.3.0
 

Solutions

Please visit the vendor web-site for more details.

 

Apply workarounds issued by the vendor:

 

Workaround:

Reduce the vulnerability of attacks by following workaround:

 

  1. Ensuring that TCP/UDP port 53 is not allowed as a default service (allow-service default)
  2. Disabling the Use BIND Server on BIG-IP option in the DNS profile

Vulnerability Identifier

Source

Related Link

https://my.f5.com/manage/s/article/K000138990

A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.

If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below

Buy Me A Coffee
Patreon

To keep up to date follow us on the below channels.

Tags: ,

You may have missed

Sliver C2

Sliver C2 Detected – 95[.]163[.]214[.]182:31337

May 2, 2024
Sliver C2

Sliver C2 Detected – 83[.]229[.]120[.]214:31337

May 2, 2024
Sliver C2

Sliver C2 Detected – 103[.]207[.]68[.]204:31337

May 2, 2024
play news ransomware

Play Ransomware Victim: Profile Products

May 2, 2024
play news ransomware

Play Ransomware Victim: Canatal Industries

May 2, 2024