F5 Networks has pushed out patches in order to tackle four critical vulnerabilities in BIG-IP, one of the vulnerabilities that can be used for unauthenticated, remote code execution (RCE) attacks.
F5 states that 48 out of Fortune 50 companies are F5 consumers. Financial services, governments, healthcare providers, and telecoms firms are counted amongst clients.
F5’s security advisory issued lately describes seven security defects affecting BIG-IP and BIG-IQ deployments.
The most dangerous are CVE-2021-22986 and CVE-2021-22987, which have been declared CVSS severity scores of 9.8 and 9.9, respectively.
CVE-2021-22986 is an unauthenticated RCE affecting the BIG-IP management interface.
To Read More: ZDNet