Article 6MNPE Critical vulnerabilities in BIG-IP appliances leave big networks open to intrusion

Critical vulnerabilities in BIG-IP appliances leave big networks open to intrusion

by
Dan Goodin
from Ars Technica - All content on (#6MNPE)
exploit-vulnerability-security-1-800x450

Enlarge (credit: Getty Images)

Researchers on Wednesday reported critical vulnerabilities in a widely used networking appliance that leaves some of the world's biggest networks open to intrusion.

The vulnerabilities reside in BIG-IP Next Central Manager, a component in the latest generation of the BIG-IP line of appliances organizations use to manage traffic going into and out of their networks. Seattle-based F5, which sells the product, says its gear is used in 48 of the top 50 corporations as tracked by Fortune. F5 describes the Next Central Manager as a single, centralized point of control" for managing entire fleets of BIG-IP appliances.

As devices performing load balancing, DDoS mitigation, and inspection and encryption of data entering and exiting large networks, BIG-IP gear sits at their perimeter and acts as a major pipeline to some of the most security-critical resources housed inside. Those characteristics have made BIG-IP appliances ideal for hacking. In 2021 and 2022, hackers actively compromised BIG-IP appliances by exploiting vulnerabilities carrying severity ratings of 9.8 out of 10.

Read 12 remaining paragraphs | Comments

External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments