【雲智維資安預警通知】
- 漏洞分享 - F5 產品存在多個漏洞
F5 產品存在多個漏洞,允許攻擊者利用此漏洞,於目標系統觸發遠端執行任意程式碼、阻斷服務狀況、敏感資料洩露及繞過身份驗證,其影響系統或版本如下:
- 受影響之系統/漏洞描述:
- BIG-IP (all modules)
15.1.0 - 15.1.10
16.1.0 - 16.1.5
17.1.0 - 17.1.2
- BIG-IP (PEM)
15.1.0 - 15.1.10
16.1.0 - 16.1.4
17.1.0 - 17.1.1
- BIG-IP (ASM)
15.1.0 - 15.1.10
16.1.0 - 16.1.4
17.1.0 - 17.1.1
- BIG-IP (AFM)
15.1.0 - 15.1.10
16.1.0 - 16.1.5
17.1.0 - 17.1.1
- BIG-IP (APM)
15.1.0 - 15.1.10
16.1.0 - 16.1.4
17.1.0 - 17.1.1
- BIG-IP Next SPK
1.7.0 - 1.7.6
1.8.0 - 1.8.2
1.9.0
- BIG-IP Next Central Manager
20.2.0 - 20.2.1
- BIG-IP Next CNF
1.1.0 - 1.3.3
- NGINX Plus
R28 - R33
- NGINX Open Source
1.11.4 - 1.27.3
- 建議改善措施:
企業及使用者如有上述漏洞版本應儘速更新或實施原廠提供之修補方案。
情資報告連結:
https://my.f5.com/manage/s/article/K000134888
https://my.f5.com/manage/s/article/K000138757
https://my.f5.com/manage/s/article/K000138932
https://my.f5.com/manage/s/article/K000139656
https://my.f5.com/manage/s/article/K000139778
https://my.f5.com/manage/s/article/K000139780
https://my.f5.com/manage/s/article/K000140578
https://my.f5.com/manage/s/article/K000140920
https://my.f5.com/manage/s/article/K000140933
https://my.f5.com/manage/s/article/K000140947
https://my.f5.com/manage/s/article/K000140950
https://my.f5.com/manage/s/article/K000141003
https://my.f5.com/manage/s/article/K000141380
https://my.f5.com/manage/s/article/K000148412
https://my.f5.com/manage/s/article/K000148587
https://my.f5.com/manage/s/article/K000149173
https://my.f5.com/manage/s/article/K000149185
https://my.f5.com/manage/s/article/K000149540