F5 fixes BIG-IP Next Central Manager flaws with public PoCs

Eclypsium researchers have published details and PoC exploits for two remotely exploitable injection vulnerabilities affecting F5's BIG-IP Next Central Manager.
They are usually deployed by big enterprises - telcos, internet and cloud service providers - but also governments.
BIG-IP Next Central Manager allows users to centrally control their BIG-IP Next instances and services.
CVE-2024-21793 and CVE-2024-26026 - both injection vulnerabilities that may allow attackers to execute malicious SQL statements through the BIG-IP NEXT Central Manager API - have been found by researcher Vladyslav Babkin.
The PoCs Eclypsium shared for the two CVE-numbered flaws may allow attackers attackers to grab admin's password hash.
Eclypsium researchers have also flagged three additional vulnerabilities that ended up not receiving a CVE number.
They may allow attackers to create accounts on the devices, easily obtain the admin password, and to reset the password on accounts without knowing the previous one.
F5 has released fixes for the two injection vulnerabilities and are urging admins to implement them.
They can mitigate them by restricting management access to F5 products to only trusted users and devices over a secure network.
There is currently no indication that these flaws are being exploited by attackers.

This Cyber News was published on www.helpnetsecurity.com. Publication date: Thu, 09 May 2024 14:43:06 +0000

Cyber News related to F5 fixes BIG-IP Next Central Manager flaws with public PoCs

F5 fixes BIG-IP Next Central Manager flaws with public PoCs - Eclypsium researchers have published details and PoC exploits for two remotely exploitable injection vulnerabilities affecting F5's BIG-IP Next Central Manager. They are usually deployed by big enterprises - telcos, internet and cloud service ...
10 months ago Helpnetsecurity.com CVE-2024-21793 CVE-2024-26026

F5 Patches Dangerous Vulnerabilities in BIG-IP Next Central Manager - F5 on Wednesday announced patches for its BIG-IP Next Central Manager to address potentially dangerous vulnerabilities that experts say could allow attackers to take complete control of a device. Enterprise firmware and hardware security firm ...
10 months ago Securityweek.com CVE-2024-21793 CVE-2024-26026

2 Bugs in F5 Asset Manager Allow Full Takeover, Hidden Accounts - Newly discovered vulnerabilities in F5 Networks' BIG-IP Next Central Manager could allow an attacker to gain full control over, and create hidden accounts inside of, any F5-brand assets. BIG-IP is the umbrella for F5's various software and hardware ...
10 months ago Darkreading.com

Microsoft May 2024 Patch Tuesday fixes 3 zero-days, 61 flaws - Today is Microsoft's May 2024 Patch Tuesday, which includes security updates for 61 flaws and three actively exploited or publicly disclosed zero days. The total count of 61 flaws does not include 2 Microsoft Edge flaws fixed on May 2nd and four ...
9 months ago Bleepingcomputer.com CVE-2024-30046

Exploits released for critical Jenkins RCE flaw, patch now - Multiple proof-of-concept exploits for a critical Jenkins vulnerability allowing unauthenticated attackers to read arbitrary files have been made publicly available, with some researchers reporting attackers actively exploiting the flaws in attacks. ...
1 year ago Bleepingcomputer.com CVE-2024-23897 CVE-2024-23898

Discovering SSRF Flaws in Microsoft Azure Services - Microsoft Azure is an incredibly popular cloud computing platform and its services are used around the world. Recently, security researchers uncovered several Server-Side Request Forgery (SSRF) flaws in many of Microsoft Azure’s services. This type ...
2 years ago Securityaffairs.com

F5 Developing Fix for BIG-IP Vulnerability That Could Cause Denial of Service and Allow for Code Execution - F5 has warned of a serious format string vulnerability in BIG-IP that could allow an authenticated attacker to cause a denial-of-service and potentially execute malicious code. This security issue, tracked as CVE-2023-22374, affects iControl SOAP, an ...
2 years ago Securityweek.com CVE-2023-22374

Over 1,450 pfSense servers exposed to RCE attacks via bug chain - Roughly 1,450 pfSense instances exposed online are vulnerable to command injection and cross-site scripting flaws that, if chained, could enable attackers to perform remote code execution on the appliance. PfSense is a popular open-source firewall ...
1 year ago Bleepingcomputer.com CVE-2023-42325 CVE-2023-42327 CVE-2023-42326

CVE-2015-7393 - dcoep in BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AAM 11.4.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AFM and PEM 11.3.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, ...
9 years ago

Apache OFBiz RCE flaw exploited to find vulnerable Confluence servers - A critical Apache OFBiz pre-authentication remote code execution vulnerability is being actively exploited using public proof of concept exploits. Apache OFBiz is an open-source enterprise resource planning system many businesses use for e-commerce ...
1 year ago Bleepingcomputer.com CVE-2023-49070 CVE-2023-51467

CVE-2015-8099 - F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP AAM 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before ...
5 years ago

Privilege elevation exploits used in over 50% of insider attacks - Elevation of privilege flaws are the most common vulnerability leveraged by corporate insiders when conducting unauthorized activities on networks, whether for malicious purposes or by downloading risky tools in a dangerous manner. A report by ...
1 year ago Bleepingcomputer.com CVE-2017-0213

Threat Groups Rush to Exploit JetBrains' TeamCity CI/CD Security Flaws - The cyberthreats to users of JetBrains' TeamCity CI/CD platform continue to mount a week after the company issued two fixes to security vulnerabilities, with one cybersecurity vendor noting a ransomware attack that included exploiting the flaws for ...
11 months ago Securityboulevard.com CVE-2024-27198 CVE-2024-27199 BianLian

Microsoft March 2024 Patch Tuesday fixes 60 flaws, 18 RCE bugs - Today is Microsoft's March 2024 Patch Tuesday, and security updates have been released for 60 vulnerabilities, including eighteen remote code execution flaws. This Patch Tuesday fixes only two critical vulnerabilities: Hyper-V remote code execution ...
11 months ago Bleepingcomputer.com

Microsoft December 2023 Patch Tuesday fixes 34 flaws, 1 zero-day - Today is Microsoft's December 2023 Patch Tuesday, which includes security updates for a total of 34 flaws and one previously disclosed, unpatched vulnerability in AMD CPUs. While eight remote code execution bugs were fixed, Microsoft only rated three ...
1 year ago Bleepingcomputer.com CVE-2023-20588

CVE-2025-24319 - When BIG-IP Next Central Manager is running, undisclosed requests to the BIG-IP Next Central Manager API can cause the BIG-IP Next Central Manager Node's Kubernetes service to terminate. Note: Software versions which have reached End of Technical ...
1 month ago Tenable.com

CVE-2016-5022 - F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x ...
5 years ago

CISA adds Check Point Quantum Security Gateways and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog - CISA adds Apache Flink flaw to its Known Exploited Vulnerabilities catalog. CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog. CISA adds Google Chrome zero-days to its Known Exploited Vulnerabilities catalog. CISA adds ...
9 months ago Securityaffairs.com

Nissan NA breach, VMware Pwn2Own fix, GE Ultrasound flaws - The car manufacturer has disclosed that a breach discovered last November has exposed personal data of more than 53,000 current and former employees of the company. This breach occurred during a hit on its external VPN by a threat actor who then ...
9 months ago Cisoseries.com

Multi-Cloud vs. Hybrid Cloud: The Main Difference - The proliferation of cloud technologies is particularly confusing to businesses new to cloud adoption, and they're sometimes baffled by the distinction between multi-cloud and hybrid cloud. Although the public cloud infrastructure and public cloud ...
1 year ago Techtarget.com

Microsoft January 2024 Patch Tuesday fixes 49 flaws, 12 RCE bugs - Today is Microsoft's January 2024 Patch Tuesday, which includes security updates for a total of 49 flaws and 12 remote code execution vulnerabilities. The total count of 49 flaws does not include 4 Microsoft Edge flaws fixed on January 5th. To learn ...
1 year ago Bleepingcomputer.com CVE-2024-20677 CVE-2024-20674

CVE-2015-5516 - Memory leak in the last hop kernel module in F5 BIG-IP LTM, GTM, and Link Controller 10.1.x, 10.2.x before 10.2.4 HF13, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.x before HF6, BIG-IP AAM 11.4.x, 11.5.x before 11.5.3 ...
5 years ago

Kaspersky Unveils New Flagship Product Line for Business, Kaspersky Next - PRESS RELEASE. Woburn, MA - April 16, 2024 - Today Kaspersky introduced its new flagship product line, Kaspersky Next, combining robust endpoint protection with the transparency and speed of EDR, alongside the visibility and powerful tools of XDR. ...
10 months ago Darkreading.com

MOVEit Transfer Flaws Push Security Defense Into a Race With Attackers - Attackers appear to be pounding away at a couple of critical bugs that Progress Software disclosed this week in its MOVEit file transfer application, with nearly the same ferocity as they did the zero-day flaw the company disclosed almost exactly a ...
8 months ago Darkreading.com CVE-2024-5806 CVE-2024-5805 CVE-2023-34362

Oracle’s First Security Update for 2023 Includes 327 New Patches - Oracle has released its first security update of 2023, delivering 327 new security fixes and patching a range of critical vulnerabilities. This update covers products spanning across Oracle’s Cloud portfolio, Fusion Middleware, Hyperion, E-Business ...
2 years ago Securityweek.com

F5 fixes BIG-IP Next Central Manager flaws with public PoCs

Cyber News related to F5 fixes BIG-IP Next Central Manager flaws with public PoCs

Latest Cyber News

Cyber Trends (last 7 days)

Trending Cyber News (last 7 days)