On March 19th, 2021, F5 announced twenty-one (21) CVEs affecting its BIG-IP and BIG-IQ modules, and four of them were critical. F5 quickly released versions with fixes to all 21 vulnerabilities and urged affected users to upgrade their modules to the fixed versions.
But the vulnerabilities exposed by F5 affect almost all BIG-IP and BIG-IQ versions. Enterprises need to track which version of the modules they’re running and manually upgrade each of them to the appropriate fixed version. Manual upgrades are time-consuming, and the longer the network is exposed to the vulnerabilities, the greater is the risk of an attack. There are also possibilities of errors and compliance lapses when the upgrade is manual, further increasing the risk.
Download this infographic to know how AppviewX ADC+ can easily identify F5 devices with vulnerable versions and can automatically perform upgrades to those devices.