Forum Discussion

Nimbostratus

Apr 07, 2014

OpenSSL and Heart Bleed Vuln

Get the latest updates on how F5 mitigates Heartbleed Hi Team, I know this question is eventually going to be asked - I may as well do it. With the news today about the Heartblee...

Nimbostratus

so is 11.5.0 safe or do we need to update?

What_Lies_Bene1

Cirrostratus

Apr 08, 2014

There is no update. v11.5 is vulnerable to this issue in two respects: 1) Where the Management Web GUI is concerned and 2) If any of your SSL Profiles contain cipher strings which contain compat ciphers but only if the client negotiates a compat cipher (which a hacker clearly would ensure happens).

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

OpenSSL and Heart Bleed Vuln

Recent Discussions

Background Tasks

Which process is consuming higher CPU

SSL bridging without SSL proxy forward

Big-IP VE edition for MacBook M4 Chip

Client SSL Profile set to Require Client Certificate breaks RDP in APM

Related Content

Building an OpenSSL Certificate Authority - Creating Your Root Certificate

Building an OpenSSL Certificate Authority - Configuring CRL and OCSP

Building an OpenSSL Certificate Authority - Creating ECC Certificates

OpenSSL CVE-2022-3786 and CVE-2022-3602 or "The Critical that wasn't"

Building an OpenSSL Certificate Authority - Creating Your Intermediary Certificate

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS