F5 patches BIG-IP Next Central Manager flaws that could lead to device takeover | allinfosecnews.com

May 8, 2024, 8:54 p.m. |

CSO Online www.csoonline.com

Multicloud security and application delivery vendor F5 has fixed two high-risk vulnerabilities in BIG-IP Next Central Manager, the central component used to manage BIG-IP Next load balancers and app security instances running on-premises or in the cloud.

According to the researchers who found them, the flaws could be used to gain full administrative control of affected devices by leaking admin password hashes and then cracking them offline.

“These weaknesses can be used in a variety of potential attack paths,” researchers …

app application application delivery big big-ip big-ip next central manager cloud delivery device flaws found high load balancers manage manager multicloud multicloud security next patches researchers risk running security takeover vendor vulnerabilities

More from www.csoonline.com / CSO Online

Bug in EmbedAI can allow poisoned data to sneak into your LLMs 1 day, 17 hours ago | www.csoonline.com

application attacks bug can +20

OpenAI accuses Russia, China, Iran, and Israel of misusing its GenAI tools for covert Ops 1 day, 19 hours ago | www.csoonline.com

ai tools campaigns china covert +20

Okta alerts customers against new credential-stuffing attacks 1 day, 20 hours ago | www.csoonline.com

access access management advisory alerts +30

3 reasons users can’t stop making security mistakes — unless you address them 1 day, 23 hours ago | www.csoonline.com

address advanced breach can +30

The CSO guide to top security conferences 1 day, 23 hours ago | www.csoonline.com

application security can career careers +22

Two-factor authentication (2FA) explained: How it works and how to enable it 2 days, 2 hours ago | www.csoonline.com

2fa access app authentication +15

‘Operation Endgame’ deals major blow to malware distribution botnets 2 days, 8 hours ago | www.csoonline.com

arrest assets botnet botnets +20

Cybercrime group claims to have stolen data on 560 million Ticketmaster users 2 days, 10 hours ago | www.csoonline.com

attack claim claims customers +7

Download our data security posture management (DSPM) enterprise buyer’s guide 2 days, 14 hours ago | www.csoonline.com

can cso data data and information security +18

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland

View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City

View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL

View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US

View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote

View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC

View on infosec-jobs.com