Artificial Intelligence | News | Insights | AiThority
[bsfp-cryptocurrency style=”widget-18″ align=”marquee” columns=”6″ coins=”selected” coins-count=”6″ coins-selected=”BTC,ETH,XRP,LTC,EOS,ADA,XLM,NEO,LTC,EOS,XEM,DASH,USDT,BNB,QTUM,XVG,ONT,ZEC,STEEM” currency=”USD” title=”Cryptocurrency Widget” show_title=”0″ icon=”” scheme=”light” bs-show-desktop=”1″ bs-show-tablet=”1″ bs-show-phone=”1″ custom-css-class=”” custom-id=”” css=”.vc_custom_1523079266073{margin-bottom: 0px !important;padding-top: 0px !important;padding-bottom: 0px !important;}”]

Positive Technologies Helps Eliminate DoS Vulnerability in F5 Big-IP Application Delivery Controller

F5 has fixed a vulnerability in the configuration interface of the popular BIG-IP application delivery controller. The bug, discovered by Positive Technologies expert Nikita Abramov, affected a product that is used by some of the world’s leading companies, and would allow remote hackers to cause denial of service attacks to the controller.

Recommended AI News: Epsilon Appoints Warren AW as Managing Director, Asia-Pacific to Accelerate Growth in APAC

Vulnerability CVE-2020-27716 received a CVSS score of 7.5, reflecting a high degree of danger. 

Related Posts
1 of 40,647

Nikita Abramov researcher at Positive Technologies explains: “Vulnerabilities like this one are quite commonly found in code. They can occur for different reasons, for example unconsciously neglected by developers or due to insufficient additional checks being carried out. I discovered this vulnerability during binary analysis. Flaws like this one can be detected using non-standard requests and by analyzing logic and logical inconsistencies.  This attack did not require any tools: an attacker could just send a simple HTTP request to the server where the BIG-IP configuration utility is located, and that would be enough to block access to the controller for a while (until it automatically restarts).”

Recommended AI News: Infutor Property Data Enables Urban Institute’s Research on Disaster-Related Household Mobility

In July 2020, F5 fixed vulnerability CVE-2020-5902, which was discovered by Mikhail Klyuchnikov. That vulnerability received a CVSS score of 10, indicating the highest degree of danger. Using this error, an attacker could potentially execute commands impersonating an unauthorized user, which would then completely compromise the system. For example, an attacker could utilize this to intercept the traffic of web resources managed by the controller.

Recommended AI News: Trend Micro Goes Global to Find Entrepreneurs Set to Unlock the Smart Connected World

2 Comments
  1. baccaratcommunity says

    Looking at this article, I miss the time when I didn’t wear a mask. baccaratcommunity Hopefully this corona will end soon. My blog is a blog that mainly posts pictures of daily life before Corona and landscapes at that time. If you want to remember that time again, please visit us.

  2. Copper scrap resale value says

    Scrap Copper industry Copper scrap logistics Scrap metal purity standards
    Copper cable recycling plant setup, Metal reclamation and recycling yard, Circuit board copper scrap

Leave A Reply

Your email address will not be published.