all CVE's that F5 documents in its Security Advisory series specifically refer to vulnerabilities that affect/compromise F5 products only, in this case BIG-IP. Any application that runs on-top of the BIG-IP, like an HTTP portal, will not be covered.
So, unless xxx.com resolves to an IP address on the BIG-IP that allows Configuration Utility access (webI or SSH), it shoudn't be considered as an attack vector.
Best thing to protect such kind of vulnerability is "Restricting access to the Configuration utility by source IP/subnet" and make sure you should follow principle of least privilege. Most of the issue will be solved.
all CVE's that F5 documents in its Security Advisory series specifically refer to vulnerabilities that affect/compromise F5 products only, in this case BIG-IP. Any application that runs on-top of the BIG-IP, like an HTTP portal, will not be covered.
So, unless xxx.com resolves to an IP address on the BIG-IP that allows Configuration Utility access (webI or SSH), it shoudn't be considered as an attack vector.
So, unless xxx.com resolves to an IP address on the BIG-IP that allows Configuration Utility access (webI or SSH), it shoudn't be considered as an attack vector.
this mean if xxx.com secure by waf and it's mapped to xxx server . this will not have affect to WAF because there is no relation between xxx.com and WAF ssh .
so this vulnerability will be compromised by users who have access to WAF , right?
so this vulnerability will be compromised by users who have access to WAF , right?
Correct again - user needs to be logged to the WAF, and send a packet that contains the specific URL (undisclosed so far) that opens the attack vector.
