skip to Main Content
NOTICE : PDS is being proactive in our response to the COVID-19 situation. For information on what we’re doing, industry resources, and ways we can help visit our COVID-19 Resource Center
PDS Cyber Security Advisory – Vulnerabilities In F5 BIG-IP

PDS Cyber Security Advisory – Vulnerabilities in F5 BIG-IP

Advisory Type:  IT Security
Severity:  Critical
Summary:

PDS is providing the following communication to build awareness of a critical vulnerability and patches in F5 BIG-IP products.

On June 30, 2020 F5 posted K52145254 disclosing that a critical vulnerability exists in the BIG-IP Traffic Management User Interface (TMUI). F5 has confirmed reports that the vulnerability is being actively exploited. The vulnerability can allow attackers unauthenticated access to run arbitrary system commands. This issue impacts only the control plane of the F5 system, data plane functionality is not affected. Note, BIG-IQ Management and Traffix SDC products are not vulnerable.

The affected product versions and patched versions are:

Product Version Upgrade to
BIG-IP 16.x 16.0.0
15.x 15.1.0.4
14.x 14.1.2.6
13.x 13.1.3.4
12.x 12.1.5.2
11.x 11.6.5.2

 

We strongly advise customers to review the F5 advisory and upgrade their environments.  PDS Architects are available to assist with the upgrades, your Account Director can assist in arranging for this upgrade support.

×Close search
Search