For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Icon for Nimbostratus rank

Nimbostratus

Nov 07, 2015

F5 Vulnerability CVE-2015-7394 - Recomonded action

Hi all, Recently I implemented F5 LTM,APM,ASM in one of our customer site, with the software version of 11.6 HF5. Everything was working fine with this software version. Now recently I came to ...

BIG-IP Access Policy Manager (APM)

Brad_Parker_139

Icon for Nacreous rank

Nacreous

Nov 11, 2015

Don't go to v12.0 in production yet! It is brand spanking new and even F5 doesn't recommend going to x.0 versions in prod unless you are prepared for undocumented bugs. Wait for v12.1 if at all possible. As mentioned above, this exploit is not very "exploitable" even though the severity is high. If bad users are already able to login as admin you have way more issue to worry about.

siru_129409
Nimbostratus
Nov 11, 2015
Thanks Brad...:)

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 Architecture Track Sessions - AppWorld 2026

DevCentral News

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5