BIG-IP Product from F5 Networks Can be Exploited to Launch Remote Denial-of-Service (DoS) Attacks

To conduct remote denial-of-service (DoS) attacks, a flaw discovered by a researcher in a BIG-IP product from F5 Networks can be exploited.

Nikita Abramov, a researcher at Positive Technologies, a supplier of cybersecurity solutions, discovered the security bug and it affects certain versions of BIG-IP Access Policy Management (APM), a protected access solution that simplifies and centralises access to apps, APIs and info.

The weakness, according to F5 Networks, is linked to a Traffic Management Microkernel (TMM) portion that processes all load-balanced traffic on BIG-IP systems.

“The Traffic Management Microkernel (TMM) stops responding and restarts when a BIG-IP APM virtual server processes traffic of an undisclosed nature,” the supplier explained in an advisory issued in mid-December. Processing of traffic is interrupted as TMM restarts. When the affected BIG-IP system is installed as part of a device party, a failover to the peer device is caused by the system.

Abramov noted that it does not take any software to exploit this vulnerability; the attacker merely needs to send a specially designed HTTP request to the server hosting the BIG-IP configuration utility, which blocks access to the device “for a while (until it restarts automatically).”

In its advisory, F5 reported that the vulnerability, monitored as CVE-2020-27716 with a high severity ranking, impacts only versions 14.x and 15.x. In both branches, patches that fix the bug are available.

Nigerian Arrested in US For Hacking into User Accounts at a Payroll Processing Company

Last year, Constructive Technology told F5 of a crucial BIG-IP vulnerability that ended up being abused in the wild, both by profit-driven cybercriminals and state-sponsored cyberspies.

Leave a Reply
Previous Post

How is Mobile Gambling Different from Wagering on the Desktop?

Next Post

Microsoft Reminds Organisations About Patching for Zerologon Vulnerability

Related Posts