Skip to main content

F5 Releases Security Updates for BIG-IP Product Lines

Scheduled quarterly updates for F5 address 21 vulnerabilities

Report a cyber attack: call 0300 303 5222 or email carecert@nhsdigital.nhs.uk

Summary

Scheduled quarterly updates for F5 address 21 vulnerabilities


Affected platforms

The following platforms are known to be affected:

The following platforms are also known to be affected:

Multiple F5 products are affected by at least one of these vulnerabilities. Please review the advisories listed below for a full list of affected products.

Threat details

Introduction

F5 has released an overview of vulnerabilities for some of their networking products, including BIG-IP and BIG-IQ Centralized Management. Security exposures and 21 vulnerabilities are addressed in the advisory, with 12 High impact, 8 Medium impact, and 1 Low impact vulnerabilities. These vulnerabilities include bypassing security restrictions, executing arbitrary system commands, causing a denial-of-service (DoS) condition, and escalating privileges.

An attacker could exploit some of these vulnerabilities to take control of an affected system.


Remediation advice

Affected organisations are encouraged to review F5 August 2022 Quarterly Security Notification and apply any relevant updates or mitigations.


Definitive source of threat updates


CVE Vulnerabilities

Last edited: 8 August 2022 5:39 pm