For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

RAQS's avatar
RAQS
Icon for Cirrus rankCirrus
Aug 24, 2020

BIG-IP Version | Vulnerability

Hi Team,   Hope you all are safe!   We have seen multiple vulnerabilities impacting on 12 and 13 series. Version known to be vulnerable on 13 series are 13.1.0 - 13.1.3. And we are on 13.1.3....
application delivery
BIG-IP
LTM
Lidev's avatar
Lidev
Icon for Nacreous rankNacreous
Aug 24, 2020

Hi RAQS,

 

Yes, version 13.1.3.4 is vulnerable.

 

for a better understanding of security advisory versioning : https://support.f5.com/csp/article/K51812227

 

"Versions known to be vulnerable: [...] Point releases and hotfixes are not listed in this column, unless a vulnerability is specifically introduced in a given point release or hotfix.

For example, if 13.1.0 is listed as vulnerable, then 13.1.0.1 and 13.1.0.2 are also considered vulnerable if neither of those point releases are listed in the Fixes introduced in column.[...]

 

Regards