Forum Discussion
DNS Server Dynamic Update Record Injection
Hello,
Does anyone know how to mitigate this vulnerability? Looks like F5 GMT v11.6.2 is vulnerable.
https://nmap.org/nsedoc/scripts/dns-update.html
Thank you in advance.
- youssef1Cumulonimbus
Hi,
If you host dns on F5, you can Limit addresses that are allowed to do dynamic updates (eg, with BIND's 'allow-update' option) or implement TSIG or SIG(0).
Following your documentatio: https://www.tenable.com/plugins/nessus/35372
have you already deployed this solution?
Regards,
- Leonardo_SouzaCirrocumulus
You need to find what CVE is that, and then just search in askf5.
If there is no CVE created, or you can't find information about the CVE, you need to open a ticket with F5 support to get more information.
- Ilian_IvanovNimbostratus
Yes, we have DNS license and we are using it :)
- youssef1Cumulonimbus
Hi,
did you have dns license?
Regards
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com