iHealth CVE Report

Question

Hi All,&nbsp;
I am about to upgrade a client's TMOS version based on vulnerability heuristics report from .
Now here's my Q. For one of the critical CVE, it says fixes are introduced in version 11.6 HF2, 12.1 HF1. Does this mean the fix is not in version 12.0?&nbsp;
Thanks.&nbsp;

rob_carr · Answer

v12.0 went EoSD on the release date of v12.1, so it's quite likely that the fix has not been rolled into the v12.0 branch.

From K5903: BIG-IP software support policy:

"At the end of a release’s Standard Support phase, the release enters its EoSD phase. Software versions that have reached their EoSD date are no longer supported with active software development. These software versions will continue to receive reasonable effort configuration support until reaching their EoTS date. However, F5 will not provide software fixes (hotfixes) or consulting services for that version during the EoSD phase."

Forum Discussion

iHealth CVE Report

1 Reply

Welcome! a la Communidad DevCentral LATAM de F5!

The New F5 Certified BIG-IP Administrator Certification Exams Now Live

Recent Discussions

SSH forward proxy

F5 CIS -> NGINX Plus Ingress Controller Integration

Can I use F5 Big-IP WAF as HoneyPot

Entra ID F5 APM MDM Intune integration compliance check

How to get group name CN from session.ad.last.attr.memberOf when there are multiple attribute value

Related Content

Why We CVE

Re: BigIP Report

VulnCon 2025, EU CRA, CVE funding, Smishing Kit

BigIP Report Old

Mitigating Apache Camel Vulnerability CVE-2025–27636 with F5 Products

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS