fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Critical F5 BIG-IP Bug Impacts Customers in Sensitive Sectors

Critical F5 BIG-IP Bug Impacts Customers in Sensitive Sectors

BIG-IP application services company F5 has fixed more than a dozen high-severity vulnerabilities in its networking device, one of them being elevated to critical severity under specific conditions.

The issues are part of this month’s delivery of security updates, which addresses almost 30 vulnerabilities for multiple F5 devices.

Critical bug for sensitive sectors

Of the thirteen high-severity flaws that F5 fixed, one becomes critical in a configuration “designed to meet the needs of customers in especially sensitive sectors” and could lead to complete system compromise.

The issue is now tracked as CVE-2021-23031 and affects BIG-IP modules Advanced WAF (Web Application Firewall) and the Application Security Manager (ASM), specifically the Traffic Management User Interface (TMUI).

Normally, it is a privilege escalation with an 8.8 severity score that can be exploited by an authenticated attacker with access to the Configuration utility to run arbitrary system commands, which could lead to complete system compromise.

For customers using the Appliance Mode, which applies some technical restrictions, the same vulnerability comes with a critical rating of 9.9 out of 10.

F5’s security advisory for CVE-2021-23031 does not provide many details on why there are two severity ratings, but notes that there is a “limited number of customers” that are impacted by the critical variant of the bug unless they install the updated version or apply mitigations.

For organizations where updating the devices is not possible, F5 says that the only way to defend against possible exploitation is to limit access to the Configuration utility only to completely trusted users.

Also Read: Data Minimization; Why Bigger is Not Always Better

Except for CVE-2021-23031, the dozen high-severity security bugs that F5 addressed this month come with risk scores between 7.2 and 7.5. Half of them affect all modules, five impact the Advanced WAF and ASM, and one affects the DNS module.

CVE / Bug IDSeverityCVSS scoreAffected productsAffected versionsFixes introduced in
CVE-2021-23025High7.2BIG-IP (all modules)15.0.0 – 15.1.0
14.1.0 – 14.1.3
13.1.0 – 13.1.3
12.1.0 – 12.1.6
11.6.1 – 11.6.5
16.0.0
15.1.0.5
14.1.3.1
13.1.3.5
CVE-2021-23026High7.5BIG-IP (all modules)16.0.0 – 16.0.1
15.1.0 – 15.1.2
14.1.0 – 14.1.4
13.1.0 – 13.1.4
12.1.0 – 12.1.6
11.6.1 – 11.6.5
16.1.0
16.0.1.2
15.1.3
14.1.4.2
13.1.4.1
BIG-IQ8.0.0 – 8.1.0 
7.0.0 – 7.1.0
6.0.0 – 6.1.0
None
CVE-2021-23027High7.5BIG-IP (all modules)16.0.0 – 16.0.1
15.1.0 – 15.1.2
14.1.0 – 14.1.4
16.1.0
16.0.1.2
15.1.3.1
14.1.4.3
CVE-2021-23028High7.5BIG-IP (Advanced WAF, ASM)16.0.0 – 16.0.1
15.1.0 – 15.1.3
14.1.0 – 14.1.4
13.1.0 – 13.1.3
16.1.0
16.0.1.2
15.1.3.1
14.1.4.2
13.1.4
CVE-2021-23029High7.5BIG-IP (Advanced WAF, ASM)16.0.0 – 16.0.116.1.0
16.0.1.2
CVE-2021-23030High7.5BIG-IP (Advanced WAF, ASM)16.0.0 – 16.0.1
15.1.0 – 15.1.3
14.1.0 – 14.1.4
13.1.0 – 13.1.4
12.1.0 – 12.1.6
16.1.0
16.0.1.2
15.1.3.1
14.1.4.3
13.1.4.1
CVE-2021-23031High–Critical – Appliance mode only8.8–9.9BIG-IP (Advanced WAF, ASM)16.0.0 – 16.0.1
15.1.0 – 15.1.2
14.1.0 – 14.1.4
13.1.0 – 13.1.3
12.1.0 – 12.1.5
11.6.1 – 11.6.5
16.1.0
16.0.1.2
15.1.3
14.1.4.1
13.1.4
12.1.6
11.6.5.3
CVE-2021-23032High7.5BIG-IP (DNS)16.0.0 – 16.0.1
15.1.0 – 15.1.3
14.1.0 – 14.1.4
13.1.0 – 13.1.4 
12.1.0 – 12.1.6
16.1.0 
15.1.3.1
14.1.4.4
CVE-2021-23033High7.5BIG-IP (Advanced WAF, ASM)16.0.0 – 16.0.1
15.1.0 – 15.1.3
14.1.0 – 14.1.4
13.1.0 – 13.1.4
12.1.0 – 12.1.6
16.1.0
15.1.3.1
14.1.4.3
13.1.4.1
CVE-2021-23034High7.5BIG-IP (all modules)16.0.0 – 16.0.1
15.1.0 – 15.1.3
16.1.0 
15.1.3.1
CVE-2021-23035High7.5BIG-IP (all modules)14.1.0 – 14.1.414.1.4.4
CVE-2021-23036High7.5BIG-IP (Advanced WAF, ASM, DataSafe)16.0.0 – 16.0.116.1.0
16.0.1.2
CVE-2021-23037High7.5BIG-IP (all modules)16.0.0 – 16.1.0
15.1.0 – 15.1.3
14.1.0 – 14.1.4
13.1.0 – 13.1.4
12.1.0 – 12.1.6
11.6.1 – 11.6.5
None

The flaws range from authenticated remote command execution to cross-site scripting (XSS) and request forgery, to insufficient permission and denial-of-service.

Also Read: Vulnerability Management For Cybersecurity Dummies

The full list of vulnerabilities of security fixes includes less severe bugs (medium and low) and is available in F5’s advisory.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released a notification about F5’s security advisory, encouraging users and administrators to review the information from the company and install the software updates or apply the necessary mitigations.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us