10 marzo, 2021

9VSA21-00405-01 CSIRT alerta sobre vulnerabilidades en productos F5

Resumen

El Equipo de Respuesta ante Incidentes de Seguridad Informática, CSIRT, comparte información sobre vulnerabilidades dadas a conocer por F5.

Este informe incluye las medidas de mitigación, consistentes en instalar la última actualización de los productos afectados.

Vulnerabilidades

CVE-2021-22986

CVE-2021-22987

CVE-2021-22988

CVE-2021-22989

CVE-2021-22990

CVE-2021-22991

CVE-2021-22992

CVE-2021-22993

CVE-2021-22994

CVE-2021-22995

CVE-2021-22996

CVE-2021-22997

CVE-2021-22998

CVE-2021-22999

CVE-2021-23000

CVE-2021-23001

CVE-2021-23002

CVE-2021-23003

CVE-2021-23004

CVE-2021-23005

CVE-2021-23006

Impactos

CVE-2021-22986, CVE-2021-22987, CVE-2021-22991 y CVE-2021-2292 son consideradas vulnerabilidades de riesgo crítico por el proveedor.

Productos Afectados

BIG-IP

BIG-IQ

BIG-IP Advanced WAF/ASM

Mitigación

Instalar las últimas actualizaciones de los productos afectados desde el sitio del proveedor.

Enlaces

https://support.f5.com/csp/article/K02566623

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22986

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22987

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22988

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22989

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22990

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22991

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22992

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22993

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22994

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22995

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22996

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22997

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22998

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22999

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23000

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23001

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23002

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23003

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23004

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23005

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23006

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22986

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22987

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22988

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22989

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22990

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22991

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22992

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22993

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22994

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22995

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22996

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22997

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22998

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22999

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23000

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23001

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23002

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23003

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23004

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23005

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23006

Informe

El informe oficial publicado por el CSIRT del Gobierno de Chile está disponible en el siguiente enlace: 9VSA21-00405-01.

9VSA21-00405-01 CSIRT alerta sobre vulnerabilidades en productos F5