OpenSSL vulnerability and Apache Commons FileUpload vulnerability CVE-2014-0050

Question

Hi, &nbsp;
I'm big-ip version 11.5.1 HF2 and my BIG-IP iHealth station featuring some vulnerabilities and am not getting correct. &nbsp;
1 - Configuration utility / Apache Commons FileUpload vulnerability CVE-2014-0050
how to make safe configuration utility, this article did not help me much: SOL15189 &nbsp;
2 - COMPAT SSL ciphers / OpenSSL vulnerability CVE-2013-6449 
This article also did not help me much to fix these vulnerabilities: sol15147 &nbsp;
Anyone know how to fix?&nbsp;

cory_50405 · Answer

As long as you don't allow management access to your BIG-IP appliance over any production links and you have an isolated management network where only trusted/cleared personnel can access, then these risks are mitigated as well as they can be. You don't have any upgrade paths to mitigate these vulnerabilities completely.

what_lies_bene1 · Answer

is resolved, see here: http://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html

rodrigo_n_soare · Answer

Ok. Thank you.&nbsp;

Forum Discussion

OpenSSL vulnerability and Apache Commons FileUpload vulnerability CVE-2014-0050

3 Replies

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Not seeing the latest F5OS-A when running Journeys

Related Content

OpenSSH vulnerability

Mitigating Log4j Vulnerability using F5 BIG-IP

BYOEDR, Undetectable backdoor, WhoFi, Cyberattack to airline, and Clickjacking vulnerability

Coordinated Vulnerability Disclosure: A Balanced Approach

Breaking Down the Quantum Challenge: TLS Cipher Suite Vulnerabilities and FIPS Post-Quantum Standards Explained

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS