#CentralManager

2 (or 5) Bugs in F5 Asset Manager Allow Full Takeover, Hidden Accounts

by

May 9, 2024 at 05:16PM Newly discovered vulnerabilities in F5 Networks’ BIG-IP Next Central Manager could allow attackers to gain full control and create hidden accounts in F5-brand assets. These vulnerabilities have been assigned CVEs and patched by the vendor. Additional bugs affecting the Central Manager still pose threats, allowing attackers to wreak havoc despite … Read more

F5 Patches Dangerous Vulnerabilities in BIG-IP Next Central Manager

by

May 9, 2024 at 07:09AM F5 announced patches for its BIG-IP Next Central Manager to fix five vulnerabilities allowing complete device control. Eclypsium found the vulnerabilities but only two have CVE identifiers. One patched vulnerability is high severity, enabling unauthenticated attackers to execute malicious SQL statements. F5 states no impact beyond Next Central Manager. Eclypsium … Read more