Forum Discussion
NimbostratusCVE-2016-8610:ssl death alert
Hello ereryone: F5-BIG-IP V11.5.1 hotfix10, my customer want to know whether the F5 has been repaired CVE-2016-8610:ssl death alert ? ask f5 not found any information about "cve-2016-8610:ssl death alert ".
5 Replies
IainThomson85_1Cumulonimbus
I can't find any F5 documentation on that CVE. Your best Idea if you want an official F5 response is to raise an appropriate F5 SR.
Regards,
yuanqiang_22112Hi lainThnoson, 3Q! I will contack support to deal with the case.If I can foudn any information further,I will tell you !
Shaun_Simmons1Altostratus
Quick Reference info:
https://access.redhat.com/security/cve/CVE-2016-8610
Affected Versions:
OpenSSL All 0.9.8 OpenSSL All 1.0.1 OpenSSL 1.0.2 through 1.0.2h OpenSSL 1.1.0
Not Affected Versions:
OpenSSL 1.0.2i, 1.0.2j OpenSSL 1.1.0a, 1.1.0b
What protocol versions are affected? -All versions (SSL3.0, TLS1.0, TLS1.1, TLS1.2) are affected.
Openssl Version check: > rpm -q openssl
Chris_ChristianEmployee
F5 has received vulnerability details regarding CVE-2016-8610 and is actively investigating the impact to all F5 products. Once we have completed the research a Solution Article will be posted on AskF5 with the Vulnerability Status for all products and versions along with a Severity rating and Mitigation if applicable. Please see sol4602: Overview of the F5 security vulnerability response policy for details on our process.
- yuanqiang_22112
Thank you
