F5 Patches Authentication Bypass Vulnerability in BIG-IP APM AD Auth

Wednesday, April 28, 2021

F5 announced patches for BIG-IP to fix a high priority authentication bypass vulnerability in APM AD auth.

An APM access policy configured with AD authentication and SSO (single sign-on) agent could be vulnerable to attacks where a spoofed credential can result in local administrator access.

System administrators are urged to update BIG-IP as soon as possible.

Important links:
BIG-IP APM AD authentication vulnerability CVE-2021-23008
BIG-IP update and upgrade guide
Frequently asked questions for upgrade and update videos

Subscribe to the Feed