CERT-In warns users of vulnerability in cybersecurity firm F5 product

"Vulnerability exists in F5 BIG-IP due to flooding the target server with queries. A remote attacker could exploit this vulnerability by crafting queries on the affected 'named' instance and responses may cause excessive CPU load on the targeted system," said CERT-In in the advisory.
  • Updated On Apr 6, 2024 at 10:48 AM IST
Read by: 100 Industry Professionals
Reader Image Read by 100 Industry Professionals

The Indian Computer Emergency Response Team (CERT-In), which comes under the Ministry of Electronics & Information Technology (MeitY), on Friday warned users of a vulnerability in multi-cloud application services and security company F5's BIG-IP (a family of products covering software and hardware).

According to the cyber agency, this vulnerability could be exploited by a remote attacker to execute craft DNS queries or cause a Denial of Service (DoS) condition on the targeted system.

"Vulnerability exists in F5 BIG-IP due to flooding the target server with queries. A remote attacker could exploit this vulnerability by crafting queries on the affected 'named' instance and responses may cause excessive CPU load on the targeted system," said CERT-In in the advisory.

Advt
"Successful exploitation of this vulnerability could allow a remote attacker to execute craft DNS queries or cause a Denial of Service condition on the targeted system," it added.

The cyber agency has advised to apply the appropriate updates.

Meanwhile, CERT-In has warned users of multiple vulnerabilities in Android and Mozilla Firefox web browsers which could allow an attacker to obtain sensitive information, execute arbitrary code and cause Denial-of-Service conditions on the targeted system.

As per the advisory, 'Android 12, 12L, 13, 14', and 'Mozilla Firefox versions prior to 124.0.1 and Mozilla Firefox ESR versions before 115.9.1' are the affected software versions, respectively.

  • Published On Apr 6, 2024 at 10:47 AM IST
Be the first one to comment.
Comment Now

Join the community of 2M+ industry professionals

Subscribe to our newsletter to get latest insights & analysis.

Download ETCISO App

  • Get Realtime updates
  • Save your favourite articles
Scan to download App