EUVD-2024-19946

Malicious code in bioql PyPI...

CVE-2024-22389

CVE-2024-22389 affects BIG-IP in HA deployments where updating an iControl REST API token fails to sync to the peer, a control-plane issue impacting confidentiality, integrity, and availability (CVSS v3.1 base 7.2). Affected releases and fixes: BIG-IP (all modules) vulnerable in 17.1.0; fix intro...

CVE-2024-22389 BIG-IP iControl REST API Vulnerability

When BIG-IP is deployed in high availability HA and an iControl REST API token is updated, the change does not sync to the peer device. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

F5 Networks BIG-IP : BIG-IP iControl REST API vulnerability (K32544615)

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.9 / 16.1.4 / 17.1.1. It is, therefore, affected by a vulnerability as referenced in the K32544615 advisory. When BIG-IP is deployed in high availability HA and an iControl REST API token is updated, the change does no...

The Bug Report – May 2022 Edition

The Bug Report – May 2022 Edition By Trellix · June 1, 2022 This blog was written by Douglas McKee Your Cybersecurity Comic Relief Source: https://twitter.com/cyb3rops/status/1523579115152064513?s=20&t=jtGMOibQPsPviekQoWKIA Why Am I here? People often come together not only due to common interest...

PT-2022-2443

Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions 11.6.x, 12.1.x, 13.1.x prior to 13.1.5, 14.1.x prior to 14.1.4.6, 15.1.x prior to 15.1.5.1, and 16.1.x prior to 16.1.2.2 Description The vulnerability resides in the iControl REST API authentication mechanism of F5 BIG-IP...

F5 iControl REST Remote Command Execution Vulnerability

F5 BIG-IP is F5's application delivery platform that integrates network traffic scheduling, load balancing, intelligent DNS, remote access policy management, etc. F5 BIG-IQ Centralized Management is F5's management and scheduling platform that centrally manages and controls the F5 BIG-IP physical...