Forum Discussion
squip_86995
Apr 07, 2014Nimbostratus
OpenSSL and Heart Bleed Vuln
Get the latest updates on how F5 mitigates Heartbleed
Hi Team,
I know this question is eventually going to be asked - I may as well do it.
With the news today about the Heartblee...
BinaryCanary_19
Apr 08, 2014Historic F5 Account
tmm --clientciphers NATIVE
will give you the list of the NATIVE ssl ciphers on your bigip Version. For all ciphers that appear on that list, you're not using openssl.
Also, the only BigIP version that is using a vulerable openssl in the wild is v11.5.0.
- What_Lies_Bene1Apr 08, 2014CirrostratusI'm not convinced that's the case when using a mixed cipher string. OpenSSL supports the native ciphers too. I'll try and do some testing and see what I find. You're correct that only v11.5 is vulnerable. As noted earlier, the management GUI is also vulnerable but again only on v11.5.
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects