For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Icon for Cirrocumulus rank

Cirrocumulus

Nov 05, 2009

SSL Vulnerability

Does anyone know if F5's with SSL Offload are vulnerable to the plain text insertion vulnerability that's been reported today? Details are vague (As you'd expect) but IIUC it may be on...

Icon for Cirrocumulus rank

Cirrocumulus

Nov 06, 2009

I have an answer from F5.

The answer itself was specific to 9.4.7, but there's no indication that it's different for any other version (Although I have asked). Because of the way they've implemented it, they're only vulnerable (For SSL Offload) if you have an iRule that explicitly does an SSL::renegotiate.

They'll be publishing a SOL note in the next few days, possibly with same iRule code to workaround the issue where SSL::renegotiate is necessary.

H

F5 Academy at AppWorld 2026

DevCentral News

Aswin MK - November 2025 Featured Member

DevCentral News

Introducing the F5 AI Assistant for BIG-IP

Technical Articles

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5