Number: AV21-194
Date: 30 April 2021
On 28 April 2021 F5 published a Security Advisory to address a vulnerability in the following products:
- BIG-IP Branch 13 – versions 13.1.0.8 to 13.1.3
- BIG-IP Branch 14 – versions 14.1.0 to 14.1.4
- BIG-IP Branch 15 – versions 15.1.0 to 15.1.2
- BIG-IP Branch 16 – versions 16.0.0 to 16.0.1
Exploitation of this vulnerability could result in unauthorized access and remote command execution.
The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.
Appliance Mode authenticated iControl REST vulnerability CVE-2021-23015 (K74151369)
https://support.f5.com/csp/article/K74151369
Note to Readers
The Canadian Centre for Cyber Security (Cyber Centre) operates as part of the Communications Security Establishment. We are Canada’s national authority on cyber security and we lead the government’s response to cyber security events. As Canada's national computer security incident response team, the Cyber Centre works in close collaboration with government departments, critical infrastructure, Canadian businesses and international partners to prepare for, respond to, mitigate, and recover from cyber events. We do this by providing authoritative advice and support, and coordinating information sharing and incident response. The Cyber Centre is outward-facing, welcoming partnerships that help build a stronger, more resilient cyber space in Canada.