Rewterz Threat Advisory – Multiple Jenkins Products Vulnerabilities
October 26, 2023Rewterz Threat Update – DoNot APT Group Targets Pakistan and Afghanistan with New Firebird Backdoor
October 26, 2023Rewterz Threat Advisory – Multiple Jenkins Products Vulnerabilities
October 26, 2023Rewterz Threat Update – DoNot APT Group Targets Pakistan and Afghanistan with New Firebird Backdoor
October 26, 2023Severity
High
Analysis Summary
CVE-2023-45886
F5 BIG-IP and BIG-IP Next are vulnerable to a denial of service, caused by a flaw in the BGP daemon (bgpd) in IP Infusion ZebOS. By sending specially crafted BGP update messages, a remote attacker could exploit this vulnerability to cause a denial of service condition.
Impact
- Denial of Service
Indicators Of Compromise
CVE
- CVE-2023-45886
Affected Vendors
F5
Affected Products
- F5 BIG-IP 13.1.0
- F5 BIG-IP 14.1.0
- F5 BIG-IP 15.1.0
- F5 BIG-IP 16.1.0
- F5 BIG-IP 13.1.5
- F5 BIG-IP 14.1.5
- F5 BIG-IP 17.1.0
- f5 BIG-IP Next SPK 1.5.0
- F5 BIG-IP Next SPK 1.8.2
- F5 BIG-IP 16.1.4
- F5 BIG-IP 15.1.10
- F5 BIG-IP Next 20.0.1
- F5 BIG-IP Next CNF 1.1.0
- F5 BIG-IP Next CNF 1.1.1
Remediation
Refer to F5 Security Advisory for patch, upgrade or suggested workaround information.