Threat Post

F5 Big-IP Vulnerable to Security-Bypass Bug

The KDC-spoofing flaw tracked as CVE-2021-23008 can be used to bypass Kerberos security and sign into the Big-IP Access Policy Manager or admin console. F5 Networks’ Big-IP Application Delivery ...
Bleeping Computer

Exploits created for critical F5 BIG-IP flaw, install patch immediately

Security researchers are warning F5 BIG-IP admins to immediately install the latest security updates after creating exploits for a recently disclosed critical CVE-2022-1388 remote code execution ...
heise online

F5 BIG-IP: Attackers can bypass restrictions through access controls

Attackers can exploit a vulnerability in the F5 BIG-IP appliances to extend their rights and manipulate the configuration. This could compromise the BIG-IP system, the manufacturer warns. According to ...
SDxCentral

Best Practices to Configure BIG-IP LTM Systems to Encrypt HTTP Persistence Cookies

CISA has observed cyber threat actors leveraging unencrypted persistent cookies managed by the F5 BIG-IP Local Traffic Manager (LTM) module to enumerate other non-internet facing devices on the ...