F5 Products Denial of Service Vulnerability
A vulnerability was identified in F5 Products. A remote attacker could exploit this vulnerability to trigger denial of service condition on the targeted system.
Note:
No patch is currently available for CVE-2023-4408 of the affected products.
RISK: High Risk
TYPE: Operating Systems – Networks OS
Impact
- Denial of Service
System / Technologies affected
BIG-IP (all modules)
- 17.1.0 – 17.1.1
- 16.1.0 – 16.1.4
- 15.1.0 – 15.1.10
BIG-IQ Centralized Management
- 8.1.0 – 8.3.0
Solutions
Please visit the vendor web-site for more details.
Apply workarounds issued by the vendor:
Workaround:
Reduce the vulnerability of attacks by following workaround:
- Ensuring that TCP/UDP port 53 is not allowed as a default service (allow-service default)
- Disabling the Use BIND Server on BIG-IP option in the DNS profile
Vulnerability Identifier
Source
Related Link
A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below
To keep up to date follow us on the below channels.