Multiple F5 Flaws Let Attackers Login With User Session & Cause DoS Attack
- Source: Vulnerability (cybersecuritynews.com)
Author: Eswar
Two vulnerabilities have been discovered in BIG-IP, associated with Insufficient Session Fixation and Expired Pointer Dereference.
These vulnerabilities have been assigned CVE-2024-39809 and CVE-2024-39792, and their severity is rated 7.5 (High).
They affect BIG-IP Next Central Manager and NGINX MQTT (Message Queuing Telemetry Transport). F5 has addressed these vulnerabilities, and security advisories have been published.
Multiple F5 Vulnerabilities
CVE-2024-39809: BIG-IP Next Central Manager Vulnerability
This vulnerability exists because the user session refresh token does not expire when the user logs out.
A threat actor with access to a user’s session can use the session to access BIG-IP Next Central Manager and systems managed by BIG-IP Next Central Manager from which the user has logged out.
This vulnerability affects BIG-IP Next Central Manager version 20.1.0 and has been fixed in version 20.2.0. The vulnerable component of this product has been identified as webUI.
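The logout behaviour described for CVE-2024-39809, as an added example that is not from the article or from F5's code: a toy in-memory session store showing a refresh token that is still honoured after logout, beside a logout that revokes it server-side. The class, function names and TTL values are assumptions made for illustration.

```python
import secrets
import time

ACCESS_TTL, REFRESH_TTL = 300, 86400  # seconds; constructed values


class SessionStore:
    """Toy in-memory token store (hypothetical; not F5's implementation)."""

    def __init__(self, revoke_on_logout):
        self.revoke_on_logout = revoke_on_logout
        self.access = {}   # access token  -> (session id, user, expiry)
        self.refresh = {}  # refresh token -> (session id, user, expiry)

    def _issue_access(self, sid, user, now):
        token = secrets.token_urlsafe(32)
        self.access[token] = (sid, user, now + ACCESS_TTL)
        return token

    def login(self, user, now=None):
        now = time.time() if now is None else now
        sid, refresh = secrets.token_hex(8), secrets.token_urlsafe(32)
        self.refresh[refresh] = (sid, user, now + REFRESH_TTL)
        return self._issue_access(sid, user, now), refresh

    def logout(self, access_token):
        entry = self.access.pop(access_token, None)
        if entry is None or not self.revoke_on_logout:
            return  # flawed mode: refresh tokens live on until REFRESH_TTL
        # Hardened mode: drop every token tied to the session being closed.
        sid = entry[0]
        for table in (self.access, self.refresh):
            for tok in [t for t, e in table.items() if e[0] == sid]:
                del table[tok]

    def refresh_session(self, refresh_token, now=None):
        now = time.time() if now is None else now
        entry = self.refresh.get(refresh_token)
        if entry is None or entry[2] <= now:
            self.refresh.pop(refresh_token, None)
            return None  # unknown, revoked or expired
        return self._issue_access(entry[0], entry[1], now)


def refresh_works_after_logout(revoke_on_logout):
    """True if a refresh token is still honoured after its owner logs out."""
    store = SessionStore(revoke_on_logout)
    access, refresh = store.login("admin", now=0)
    store.logout(access)
    return store.refresh_session(refresh, now=60) is not None
```

A regression test for a fixed deployment follows the same sequence: log in, log out, then confirm the old refresh token is rejected.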
CVE-2024-39792: NGINX Plus MQTT vulnerability
This vulnerability arises when NGINX Plus is configured to use the MQTT filter module; in that configuration, undisclosed requests can increase memory resource utilization.
It allows a remote, unauthenticated threat actor to cause a degradation of service that can lead to denial-of-service conditions for NGINX.
System performance can degrade until the NGINX master and worker processes are forced to restart and/or are manually restarted.
The vulnerable component of this product has been identified as ngx_stream_mqtt_filter_module.
Affected Products And Fixed In Version
| Product | Branch | Versions known to be vulnerable | Fixes introduced in | Severity/CVSS score | Vulnerable component or feature |
|---|---|---|---|---|---|
| BIG-IP Next Central Manager | 20.x | 20.1.0 | 20.2.0 | High/7.5 (CVSS v3.1) | webUI |
| | | | | High/8.9 (CVSS v4.0) | |
| NGINX Plus | R3x | R30 – R32 | R32 P1 | High/7.5 (CVSS v3.1) | ngx_stream_mqtt_filter_module module |
| | | | R31 P3 | High/8.7 (CVSS v4.0) | |
F5 has recommended that users upgrade their products to the latest versions to prevent threat actors from exploiting these vulnerabilities.