How to protect F5 BigIP/Viprion System from shellshock

Question

Hi All,&nbsp;
I have few questions regarding BigIP and Viprion vulnerabilities.
1. if tcp port 443 and ssh are open on SelP-IPs, is it vulnerable to the attack?
2. what are the mitigation to protect the BigIP system itself aside from upgrading to 11.5.1 HF5?&nbsp;
Thanks! &nbsp;

nathe · Answer

yeslast week's update was that the only exploit f5 had seen against the management gui was when authenticated only. This is important to note. i.e. user had to have admin/root, for example, privileges to exploit the gui with an attack. 
F5's advice (and constant best practice anyway) is to have the mgmt interface connected to a secure, private subnet only, and any self-ips that are externally facing need to have 443 access disabled.&nbsp;
Hope this helps,&nbsp;
N&nbsp;

spidey_29396 · Answer

Thanks Nathan. Is there any patch like the "ssh vulnerability patch" last 2012?
I'm afraid one of our customers need to open port 443 via SelfIPs since it is the only way to manage it from remote.&nbsp;

nathe · Answer

I'm not sure to be honest. f5 support might be able to help on this.

Forum Discussion

How to protect F5 BigIP/Viprion System from shellshock

3 Replies

Recent Discussions

Error when running bigip_command Playbook against LTM : Syntax Error: unexpected argument /bin/sh\n

Can iRule be used to perform exception of IPI category based on Geolocation

Can iRule mask the payload content on event logs of security

minimum tmos software version for connect CIS (openshift)

Chrome V 124+ on MacOS - Virtual Server Access Issue

Related Content

Beyond REST: Protecting GraphQL

L7 DoS Protection with NGINX App Protect DoS

CVE-2014-6271 Shellshocked

Managing NGINX App Protect WAF for Beginners

F5 Distributed Cloud Bot Defense Protecting AWS CloudFront Distributions