Forum Discussion
MDPF5_152674
Altostratus
AltostratusQuestion about Vulnerability on BIG IP System CVE-2014-0224
Hi Community,
Vulnerabilty: CVE-2014-0224
The question is: If i have BIG IP System that runs 11.2.1 Version with the LTM and ASM module currently active,
Is my BIG IP System affected ...
Sven_Leupold_85
Cirrus
CirrusThe solution http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15325.html says:
a) 11.0.0 - 11.4.1
b) 10.0.0 - 10.2.4
are not affected. So with 11.2.1 you are in range a), right? Check if you are really using openssl (COMPAT ciphers ) in your SSL profiles. If not, only the management traffic and the monitors are under concern.
MDPF5_152674But a) range and b) range are listed on : Versions known to be not vulnerable- Sven_Leupold_85You're right! In that case I would say that you are not affected at all. Your's is in "Versions known to be not vulnerable" range (a).
- MDPF5_152674Ok, but i think that my OpenSSL version 0.9.8u is vulnerable (that it's what the documentation says) So, is a documentation error? Or is my fault? Thank You
