Sign In
- Platform
- Solutions
- Modern NDR
- Resources
- Company
Platform
Modern NDR
Resources
Company
Platform
Modern NDR
Resources
Company
DETECTION OVERVIEW
Risk Factors
Unpatched BIG-IP Application Delivery Controllers (ADCs) with web interfaces can be easily accessed by an attacker, especially if the web interface is internet-facing. Attack tools such as Metasploit and publicly-available exploits can help an unauthenticated attacker achieve their objective. A successful exploit can compromise the ADC and enable the attacker to intercept traffic or move laterally across the network.
Category
The BIG-IP ADC is a gateway device that directs traffic across a network. The configuration utility (Traffic Management User Interface or TMUI) has a known vulnerability, which enables unauthenticated attackers with network access to run arbitrary code on the TMUI server. The TMUI can be exposed to an attacker through the BIG-IP Management port or a Self IP address. Malicious code is delivered to the TMUI through an HTTP request that bypasses authentication checks and then runs a command or uploads a malicious payload. The attacker can then gain access to the BIG-IP ADC to manipulate traffic, access files, or upload malicious files to the ADC.
Network analysis and visibility solutions remain underrepresented in enterprises. Find out why in this preview of a new Wave report.
ExtraHop® Named a Leader in First-Ever Gartner® Magic Quadrant™ for Network Detection and Response
Visit this resource for more information.
This analysis exposes the critical link between an organization's lack of internal visibility and the escalating cost of compromise, demanding an urgent re-evaluation of how core business assets are protected.
Learn why you need to be wary of the claims certain network detection and response providers make about their coverage against the MITRE ATT&CK framework.
Learn how NDR from RevealX helps security teams detect and investigate more adversary TTPs in the MITRE ATT&CK framework than rule-based tools.
