政府电脑保安事故协调中心 - 高危保安警报 (A26-05-26): F5 产品多个漏洞

描述:

F5 发布了安全公告，以应对 F5 产品的多个漏洞。有关漏洞资料的详情，请参考以下网址:
https://my.f5.com/manage/s/article/K000149743
https://my.f5.com/manage/s/article/K000150508
https://my.f5.com/manage/s/article/K000156581
https://my.f5.com/manage/s/article/K000156604
https://my.f5.com/manage/s/article/K000156734
https://my.f5.com/manage/s/article/K000156761
https://my.f5.com/manage/s/article/K000157895
https://my.f5.com/manage/s/article/K000157981
https://my.f5.com/manage/s/article/K000158029
https://my.f5.com/manage/s/article/K000158038
https://my.f5.com/manage/s/article/K000158070
https://my.f5.com/manage/s/article/K000158082
https://my.f5.com/manage/s/article/K000158971
https://my.f5.com/manage/s/article/K000158978
https://my.f5.com/manage/s/article/K000158979
https://my.f5.com/manage/s/article/K000159021
https://my.f5.com/manage/s/article/K000159034
https://my.f5.com/manage/s/article/K000160727
https://my.f5.com/manage/s/article/K000160788
https://my.f5.com/manage/s/article/K000160857
https://my.f5.com/manage/s/article/K000160862
https://my.f5.com/manage/s/article/K000160863
https://my.f5.com/manage/s/article/K000160874
https://my.f5.com/manage/s/article/K000160875
https://my.f5.com/manage/s/article/K000160876
https://my.f5.com/manage/s/article/K000160901
https://my.f5.com/manage/s/article/K000160903
https://my.f5.com/manage/s/article/K000160911
https://my.f5.com/manage/s/article/K000160916
https://my.f5.com/manage/s/article/K000160926
https://my.f5.com/manage/s/article/K000160932
https://my.f5.com/manage/s/article/K000160945
https://my.f5.com/manage/s/article/K000160971
https://my.f5.com/manage/s/article/K000160972
https://my.f5.com/manage/s/article/K000160973
https://my.f5.com/manage/s/article/K000160975
https://my.f5.com/manage/s/article/K000160979
https://my.f5.com/manage/s/article/K000160981
https://my.f5.com/manage/s/article/K000161018
https://my.f5.com/manage/s/article/K000161019
https://my.f5.com/manage/s/article/K000161021
https://my.f5.com/manage/s/article/K000161022
https://my.f5.com/manage/s/article/K000161023
https://my.f5.com/manage/s/article/K000161027
https://my.f5.com/manage/s/article/K000161028
https://my.f5.com/manage/s/article/K000161040
https://my.f5.com/manage/s/article/K000161056
https://my.f5.com/manage/s/article/K000161068
https://my.f5.com/manage/s/article/K000161107
https://my.f5.com/manage/s/article/K000161131
https://my.f5.com/manage/s/article/K000161244
https://my.f5.com/manage/s/article/K32950402
https://my.f5.com/manage/s/article/K35544022

有报告指远端执行程式码及服务被拒绝漏洞 (CVE-2026-42945) 正受到攻击。用户应立即为受影响的系统安装修补程式，以降低网络攻击的风险。

受影响的系统:

BIG-IP (所有模组) 版本 16.1.0 至 16.1.6、17.1.0 至 17.1.2、17.1.0 至 17.1.3、17.5.0、17.5.0 至 17.5.1、21.0.0
BIG-IP APM 版本 16.1.0 至 16.1.6、17.1.0 至 17.1.3、17.5.0 至 17.5.1、21.0.0
BIG-IP Advanced WAF/ASM 版本 16.1.0 至 16.1.6、17.1.0 至 17.1.3、17.5.0 至 17.5.1、21.0.0
BIG-IP DDoS Hybrid Defender 版本 16.1.0 至 16.1.6、17.1.0 至 17.1.3、17.5.0 至 17.5.1
BIG-IP DNS 版本 16.1.0 至 16.1.6、17.1.0 至 17.1.3、17.5.0 至 17.5.1、21.0.0
BIG-IP Next CNF 版本 1.1.0 至 1.4.1、2.0.0 至 2.2.1
BIG-IP Next SPK 版本 1.7.0 至 1.9.2、2.0.0 至 2.0.3
BIG-IP Next for Kubernetes 版本 2.0.0 至 2.1.1
BIG-IP PEM 版本 16.1.0 至 16.1.6、17.1.0 至 17.1.3、17.5.0 至 17.5.1、21.0.0
BIG-IP SSL Orchestrator 版本 17.1.0 至 17.1.3、17.5.0 至 17.5.1、21.0.0
BIG-IQ Centralized Management 版本 8.4.0 至 8.4.1
F5 DoS for NGINX 版本 4.8.0
F5 WAF for NGINX 版本 5.9.0 至 5.12.1
NGINX App Protect DoS 版本 4.3.0 至 4.7.0
NGINX App Protect WAF 版本 4.9.0 至 4.16.0、5.1.0 至 5.8.0
NGINX Gateway Fabric 版本 1.3.0 至 1.6.2、2.0.0 至 2.6.0
NGINX Ingress Controller 版本 3.5.0 至 3.7.2、4.0.0 至 4.0.1、5.0.0 至 5.4.2
NGINX Instance Manager 版本 2.16.0 至 2.22.0
NGINX Open Source 版本 0.6.27 （1.30.1 之前）
NGINX Plus 版本 R32 （R32 P6 之前）至 R36 （R36 P4 之前）

有关受影响系统的详细资料，请参阅供应商网站的相应安全公告。

影响:

成功利用漏洞可以导致受影响的系统发生远端执行程式码、服务被拒绝、权限提升、泄漏资讯、绕过保安限制、仿冒诈骗或篡改。

建议:

现已有适用于受影响系统的软件更新。受影响系统的系统管理员应遵从产品供应商的建议，立即採取行动以降低风险。建议谘询产品供应商以取得修补程式及有关支援。

进一步资讯:

https://my.f5.com/manage/s/article/K000149743
https://my.f5.com/manage/s/article/K000150508
https://my.f5.com/manage/s/article/K000156581
https://my.f5.com/manage/s/article/K000156604
https://my.f5.com/manage/s/article/K000156734
https://my.f5.com/manage/s/article/K000156761
https://my.f5.com/manage/s/article/K000157895
https://my.f5.com/manage/s/article/K000157981
https://my.f5.com/manage/s/article/K000158029
https://my.f5.com/manage/s/article/K000158038
https://my.f5.com/manage/s/article/K000158070
https://my.f5.com/manage/s/article/K000158082
https://my.f5.com/manage/s/article/K000158971
https://my.f5.com/manage/s/article/K000158978
https://my.f5.com/manage/s/article/K000158979
https://my.f5.com/manage/s/article/K000159021
https://my.f5.com/manage/s/article/K000159034
https://my.f5.com/manage/s/article/K000160727
https://my.f5.com/manage/s/article/K000160788
https://my.f5.com/manage/s/article/K000160857
https://my.f5.com/manage/s/article/K000160862
https://my.f5.com/manage/s/article/K000160863
https://my.f5.com/manage/s/article/K000160874
https://my.f5.com/manage/s/article/K000160875
https://my.f5.com/manage/s/article/K000160876
https://my.f5.com/manage/s/article/K000160901
https://my.f5.com/manage/s/article/K000160903
https://my.f5.com/manage/s/article/K000160911
https://my.f5.com/manage/s/article/K000160916
https://my.f5.com/manage/s/article/K000160926
https://my.f5.com/manage/s/article/K000160932
https://my.f5.com/manage/s/article/K000160945
https://my.f5.com/manage/s/article/K000160971
https://my.f5.com/manage/s/article/K000160972
https://my.f5.com/manage/s/article/K000160973
https://my.f5.com/manage/s/article/K000160975
https://my.f5.com/manage/s/article/K000160979
https://my.f5.com/manage/s/article/K000160981
https://my.f5.com/manage/s/article/K000161018
https://my.f5.com/manage/s/article/K000161019
https://my.f5.com/manage/s/article/K000161021
https://my.f5.com/manage/s/article/K000161022
https://my.f5.com/manage/s/article/K000161023
https://my.f5.com/manage/s/article/K000161027
https://my.f5.com/manage/s/article/K000161028
https://my.f5.com/manage/s/article/K000161040
https://my.f5.com/manage/s/article/K000161056
https://my.f5.com/manage/s/article/K000161068
https://my.f5.com/manage/s/article/K000161107
https://my.f5.com/manage/s/article/K000161131
https://my.f5.com/manage/s/article/K000161244
https://my.f5.com/manage/s/article/K32950402
https://my.f5.com/manage/s/article/K35544022
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20916
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24464
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28758
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32643
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32673
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34019
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34176
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35062
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-39455
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-39458 (to CVE-2026-39459)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40060 (to CVE-2026-40061)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40067
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40423
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40435
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40460
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40462
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40618
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40629
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40631
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40698 (to CVE-2026-40699)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40701
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40703
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41217 (to CVE-2026-41219)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41225
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41227
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41953 (to CVE-2026-41954)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41956 (to CVE-2026-41957)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41959
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42058
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42063
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42406
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42408 (to CVE-2026-42409)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42778 (to CVE-2026-42781)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42919 (to CVE-2026-42920)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42924
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42926
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42930
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42934
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42937
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42945 (to CVE-2026-42946)

标签 : F5 , BIG-IP , BIG-IQ , NGINX