F5 Releases Security Updates

Scheduled quarterly updates for F5

Threat ID:: CC-4024
Threat Severity:: Information only
Published:: 21 January 2022 3:23 PM

Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

Scheduled quarterly updates for F5

Affected platforms

The following platforms are known to be affected:

F5 BIG-IP (All Modules)

Versions: Centralized Management

F5 BIG-IQ

The following platforms are also known to be affected:

Many F5 products are affected by at least one of these vulnerabilities. Please review the advisories listed below for a full list of affected products.

Threat details

Introduction

F5 have released an overview of vulnerabilities for some of their networking products, including BIG-IP and BIG-IQ Centralized Management. Security exposures and 25 vulnerabilities are included in the advisory, with 15 CVEs rating High impact, 9 Medium impact, and 1 Low impact.

A remote unauthenticated attacker could exploit some of these vulnerabilities to take control of an affected system.

Remediation advice

Affected organisations are encouraged to review F5 January 2022 Quarterly Security Notification and apply any relevant updates or mitigations.

Definitive source of threat updates

https://support.f5.com/csp/article/K40084114

CVE Vulnerabilities