Forum Discussion

Cirrocumulus

Jul 22, 2021

CVE-2013-3587 in Version 14.1.

Hello, A Security Audit asked for CVE-2013-3587. I came over this Info: https://support.f5.com/csp/article/K14634 but this is until Version 13, we're running Version 14.1 Does anyo...

MVP

Jul 25, 2021

does the security audit really show this is possible or just a vague suggestion? this is something from 2013 and i don't really see much attention for it since.

some suggestions can be found here.

https://www.akamai.com/uk/en/resources/breach-attack.jsp

as the F5 article also mentions this isn't that should be solved on another level, so first have a look at your application / web server.

in the end you can apply the same irule on 14.1 i believe, but as mentioned it might cause issues with the site.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

CVE-2013-3587 in Version 14.1.

Recent Discussions

301 redirect and waf policy log problem

Big-IP VE edition for MacBook M4 Chip

ASD

Background Tasks

APM with EntraID as idP / request signed

Related Content

Most up to date Cipher Suite for version 14.1.x to increase BitSight findings?

Big IP version 12 API

BIGdiff Version 2

F5OS Tenants TMOS version upgrade

How to change TLS version 1.0 settings to version 1.2 or 1.3 in F5 DDoS product

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS