Forum Discussion

Altostratus

Jun 10, 2014

Question about Vulnerability on BIG IP System CVE-2014-0224

Hi Community, Vulnerabilty: CVE-2014-0224 The question is: If i have BIG IP System that runs 11.2.1 Version with the LTM and ASM module currently active, Is my BIG IP System affected ...

application delivery

BIG-IP Access Policy Manager (APM)

Cirrus

Jun 10, 2014

The solution http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15325.html says:

a) 11.0.0 - 11.4.1

b) 10.0.0 - 10.2.4

are not affected. So with 11.2.1 you are in range a), right? Check if you are really using openssl (COMPAT ciphers ) in your SSL profiles. If not, only the management traffic and the monitors are under concern.

MDPF5_152674

Altostratus

Jun 10, 2014

Ok, but i think that my OpenSSL version 0.9.8u is vulnerable (that it's what the documentation says) So, is a documentation error? Or is my fault? Thank You

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)