https://community.isc2.org/t5/Threats/F5-Issues-Warning-BIG-IP-Vulnerability-Allows-Remote-Code/m-p/63960#M946 <P>Dear All,</P><P>&nbsp;</P><P>F5 has alerted customers of a critical security vulnerability impacting BIG-IP that could result in unauthenticated remote code execution.</P><P>The issue, rooted in the configuration utility component, has been assigned the CVE identifier<SPAN>&nbsp;</SPAN><STRONG>CVE-2023-46747</STRONG>, and carries a CVSS score of 9.8 out of a maximum of 10.</P><P>&nbsp;</P><P><SPAN><A href="https://thehackernews.com/2023/10/f5-issues-warning-big-ip-vulnerability.html" target="_blank" rel="noopener">https://thehackernews.com/2023/10/f5-issues-warning-big-ip-vulnerability.html</A></SPAN></P><P>&nbsp;</P><P><SPAN><A href="https://my.f5.com/manage/s/article/K000137353" target="_blank">BIG-IP Configuration utility unauthenticated remote code execution vulnerability CVE-2023-46747 (f5.com)</A></SPAN></P> Sat, 28 Oct 2023 14:36:09 GMT Kyaw_Myo_Oo 2023-10-28T14:36:09Z https://community.isc2.org/t5/Threats/F5-Issues-Warning-BIG-IP-Vulnerability-Allows-Remote-Code/m-p/63960#M946 <P>Dear All,</P><P>&nbsp;</P><P>F5 has alerted customers of a critical security vulnerability impacting BIG-IP that could result in unauthenticated remote code execution.</P><P>The issue, rooted in the configuration utility component, has been assigned the CVE identifier<SPAN>&nbsp;</SPAN><STRONG>CVE-2023-46747</STRONG>, and carries a CVSS score of 9.8 out of a maximum of 10.</P><P>&nbsp;</P><P><SPAN><A href="https://thehackernews.com/2023/10/f5-issues-warning-big-ip-vulnerability.html" target="_blank" rel="noopener">https://thehackernews.com/2023/10/f5-issues-warning-big-ip-vulnerability.html</A></SPAN></P><P>&nbsp;</P><P><SPAN><A href="https://my.f5.com/manage/s/article/K000137353" target="_blank">BIG-IP Configuration utility unauthenticated remote code execution vulnerability CVE-2023-46747 (f5.com)</A></SPAN></P> Sat, 28 Oct 2023 14:36:09 GMT https://community.isc2.org/t5/Threats/F5-Issues-Warning-BIG-IP-Vulnerability-Allows-Remote-Code/m-p/63960#M946 Kyaw_Myo_Oo 2023-10-28T14:36:09Z https://community.isc2.org/t5/Threats/F5-Issues-Warning-BIG-IP-Vulnerability-Allows-Remote-Code/m-p/63964#M947 <P>From the advisory: "<SPAN>this is a control plane issue only.".&nbsp; In other words, it is an attack against the management interface.&nbsp;&nbsp;</SPAN><SPAN>The important reminder for all of us (even those who are not F5 customers) is that management interfaces should only be accessible to those who need to manage the device.</SPAN></P><P>&nbsp;</P><P><SPAN>Even the login prompt itself ought to whitelisted from&nbsp;</SPAN>source-IP addresses where your admins may likely be (office subnet, VPN addreses, etc.).&nbsp; The goal being to prevent an actor from staging an authentication bypass attack against a particularly powerful interface.</P><P>&nbsp;</P> Sun, 29 Oct 2023 02:49:29 GMT https://community.isc2.org/t5/Threats/F5-Issues-Warning-BIG-IP-Vulnerability-Allows-Remote-Code/m-p/63964#M947 denbesten 2023-10-29T02:49:29Z https://community.isc2.org/t5/Threats/F5-Issues-Warning-BIG-IP-Vulnerability-Allows-Remote-Code/m-p/63968#M948 <P>Hi&nbsp;<a href="https://community.isc2.org/t5/user/viewprofilepage/user-id/311867713">@denbesten</a>&nbsp;</P><P>&nbsp;</P><P>Thanks for sharing your thoughts and&nbsp;comments and suggestions.&nbsp;</P> Sun, 29 Oct 2023 04:27:24 GMT https://community.isc2.org/t5/Threats/F5-Issues-Warning-BIG-IP-Vulnerability-Allows-Remote-Code/m-p/63968#M948 Kyaw_Myo_Oo 2023-10-29T04:27:24Z