ESB-2021.0695.2 – UPDATE [Appliance] F5 Products: Denial of service – Remote/unauthenticated

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256

===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2021.0695.2
Node.js vulnerability
13 July 2021

===========================================================================

AusCERT Security Bulletin Summary
———————————

Product: BIG-IP
BIG-IQ Centralized Management
Publisher: F5 Networks
Operating System: Network Appliance
Impact/Access: Denial of Service — Remote/Unauthenticated
Resolution: Patch/Upgrade
CVE Names: CVE-2020-8277

Reference: ESB-2021.0587
ESB-2021.0112
ESB-2020.4214

Original Bulletin:
https://support.f5.com/csp/article/K07944249

Revision History: July 13 2021: Vendor added fixes for BIG-IP 16.x branch
February 25 2021: Initial Release

– ————————–BEGIN INCLUDED TEXT——————–

K07944249: Node.js vulnerability CVE-2020-8277

Original Publication Date: 25 Feb, 2021

Security Advisory Description

A Node.js application that allows an attacker to trigger a DNS request for a
host of their choice could trigger a Denial of Service in versions
Read More

The post ESB-2021.0695.2 – UPDATE [Appliance] F5 Products: Denial of service – Remote/unauthenticated appeared first on Malware Devil.

https://malwaredevil.com/2021/07/13/esb-2021-0695-2-update-appliance-f5-products-denial-of-service-remote-unauthenticated/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2021-0695-2-update-appliance-f5-products-denial-of-service-remote-unauthenticated