Security News > 2022 > May > Week in review: F5 BIG-IP flaw, critical bugs in Aruba and Avaya network switches, Patch Tuesday forecast
TLStorm 2.0: Critical bugs in widely-used Aruba, Avaya network switchesArmis researchers have discovered five critical vulnerabilities in the implementation of TLS communications in multiple models of network switches.
Critical F5 BIG-IP flaw allows device takeover, patch ASAP!F5 Networks' BIG-IP multi-purpose networking devices/modules are vulnerable to unauthenticated remote code execution attacks via CVE-2022-1388.
Password tips to keep your accounts safeUswitch.com conducted a consumer survey to find out how the UK chooses their passwords, how safe they are and how often they have been hacked.
How is the U.S. government preparing for critical infrastructure attacks?In this video for Help Net Security, Paul Caiazzo, Advisor at Avertium, talks about critical infrastructure attacks, their potential impact, and what the U.S. government is doing to prepare for them.
How to identify vulnerabilities with NMAPIn this video for Help Net Security, Shani Dodge Reiner, Development Team Leader at Vicarius, explains how to identify vulnerabilities using the NMAP tool.
How to enhance your cyber defense program with CIS SecureSuiteJoin this webinar to learn how you can prioritize your security program to meet the requirements of regulatory and compliance frameworks with the CIS Critical Security Controls and CIS Benchmarks, as well as how to assess and implement secure configurations at scale.
News URL
Related news
- Week in review: Critical Zimbra RCE vulnerability exploited, Patch Tuesday forecast (source)
- Patch Tuesday: Four Critical Vulnerabilities Paved Over (source)
- Progress urges admins to patch critical WhatsUp Gold bugs ASAP (source)
- October 2024 Patch Tuesday forecast: Recall can be recalled (source)
- Qualcomm Urges OEMs to Patch Critical DSP and WLAN Flaws Amid Active Exploits (source)
- Microsoft October 2024 Patch Tuesday fixes 5 zero-days, 118 flaws (source)
- Microsoft cleans up hot mess of Patch Tuesday preview (source)
- Patch Tuesday: Internet Explorer Vulnerabilities Still Pose a Problem (source)
- CISA Warns of Threat Actors Exploiting F5 BIG-IP Cookies for Network Reconnaissance (source)
- CISA: Hackers abuse F5 BIG-IP cookies to map internal servers (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-05-05 | CVE-2022-1388 | Missing Authentication for Critical Function vulnerability in F5 products On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all 12.1.x and 11.6.x versions, undisclosed requests may bypass iControl REST authentication. | 9.8 |