Hostname checking vulnerability in axis

Question

How is F5 addressing CVE-2012-5784, the gaping security hole where axis fails to verify the hostname in the SSL certificate?&nbsp;
 &nbsp;

joe_pruitt · Answer

Axis is a 3rd party tool that accesses our API.  I would expect this to be something that Apache should work on patching.  Since F5 isn't the developer for Axis, how to you recommend we address the issue?&nbsp;
-Joe&nbsp;

Forum Discussion

Hostname checking vulnerability in axis

1 Reply

Recent Discussions

Rundeck ansible F5 errors

What is the meaning is 52% block in WAF

rewrite Azure AD response for portal access via web portal

AS3 Monitoring multiple ports selectively

Open Redirection Mitigation

Related Content

Coordinated Vulnerability Disclosure: A Balanced Approach

OWASP Automated Threats - OAT-014 Vulnerability Scanning

Reviewing vulnerability scanner results for an Access Policy Manager (APM) protected Virtual Server

Check a Virtual Server's SSL Status

Vulnerability CVE-2023-45648 in ApacheTomcat