30 Apr 2021

Vulnerability Exposes F5 BIG-IP to Kerberos KDC Hijacking Attacks

A high-severity vulnerability, CVE-2021-23008, allows the bypass of Active Directory authentication if the attacker can hijack a Kerberos Key Distribution Center connection. The attacker uses a spoofed Kerberos Authentication Service Response, or authentication bypass is possible from a compromised AD server.  In order for the protocol to work, the user

Read More