Wednesday, April 28, 2021
F5 announced patches for BIG-IP to fix a high priority authentication bypass vulnerability in APM AD auth.
An APM access policy configured with AD authentication and SSO (single sign-on) agent could be vulnerable to attacks where a spoofed credential can result in local administrator access.
System administrators are urged to update BIG-IP as soon as possible.
Important links:
BIG-IP APM AD authentication vulnerability CVE-2021-23008
BIG-IP update and upgrade guide
Frequently asked questions for upgrade and update videos
Wednesday, March 10, 2021
F5 announced patches for BIG-IP and BIG-IQ to fix 4 critical vulnerabilities that can lead to complete system compromise.
Attackers are known to be exploiting these vulnerabilities in the wild, so system administrators are urged to update BIG-IP and BIG-IQ as soon as possible.
Read the full details here:
Overview of F5 vulnerabilities (March 2021)
BIG-IP update and upgrade guide
Upgrading ELA BIG-IP VE through BIG-IQ License manager
Frequently asked questions for upgrade and update videos
Wednesday, February 24, 2021
Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode be updated immediately to avoid potential exploitation.
Read the full details here:
Cisco NX-OS Software Unauthenticated Arbitrary File Actions Vulnerability