OpenVPN protocol – why it is so good
The researchers explained that the management console of the central administrator can be remotely accessed by any attacker who has access to the administrative user interface through CVEs 2024-21793 and 2024-26026. This would give attackers full administrative control over the administrator. Attackers could then use other vulnerabilities to create new accounts on any BIG-IP asset managed by the central administrator. These new malicious accounts would not be visible to the central administrator itself.F5’s Network Control Manager (NCM) allows IT teams to manage a variety of devices, including application delivery controllers, firewalls, and other network devices. The NCM offers features for configuration management, policy enforcement, monitoring, and reporting in distributed networks. Shodan data indicates that there are over 10,000 devices running F5 BIG-IP with open management ports.
F5 has shared a workaround for administrators experiencing difficulties installing the latest software update. According to F5’s instructions, restricting access to the Next Central Manager to trusted users on a secured network should resolve the issue. There is no indication of widespread exploitation at this time, according to Eclypsium.
What is BIG-IP?
In the early days of F5, BIG/IP was our original load balancer. Today, BIG-IP is a family of products covering software and ...
Discover more from Drone Rewiews
Subscribe to get the latest posts to your email.