For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Icon for Cirrus rank

Cirrus

Nov 23, 2022

Solved

BIGIP BIND for CVE-2022-38177

Hello Expert, My BIGIP are vulnerable by CVE-2022-38177 and we would like to apply the work around as stated in KB disable-algorithms "." { "ECDSAP256SHA256"; "ECDSAP384SHA384"; ...

application delivery

JoshBecigneul
Nov 24, 2022
If you don't have BIG-IP DNS provisioned then BIND should not be provisioned for end-user access.

If it is enabled then you can use the ZoneRunner interface to make the modification to the configuration. https://support.f5.com/csp/article/K6963

I believe DNS Cache/DNS Express don't rely on BIND (they are built into TMM) so should not be vulnerable to this issue.

Icon for MVP rank

MVP

Nov 24, 2022

If you don't have BIG-IP DNS provisioned then BIND should not be provisioned for end-user access.

If it is enabled then you can use the ZoneRunner interface to make the modification to the configuration. https://support.f5.com/csp/article/K6963

I believe DNS Cache/DNS Express don't rely on BIND (they are built into TMM) so should not be vulnerable to this issue.

SolarJeans
Cirrus
Nov 30, 2022
Thanks for great explanation

Security Best Practices for F5 Products

Technical Articles

F5 AppWorld 2026 Registration - early bird pricing.

DevCentral News

Kostas Injeyan - October 2025 Featured Member

DevCentral News

featured member

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5