For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Sven_Leupold_85

Icon for Cirrus rank

Cirrus

Jun 05, 2014

SSL/TLS MITM vulnerability (CVE-2014-0224)

Hi folks Did someone get already an official statement from F5 Networks about the latest vulnerability disclosed today? (not heartbleed!) http://www.openssl.org/news/secadv_20140605.txt ...

application delivery

ASM Advanced WAF

BIG-IP Access Policy Manager (APM)

Icon for Nimbostratus rank

Nimbostratus

Jun 05, 2014

RedHat OpenSSL CCS Injection Vulnerability tool (CVE-2014-0224) https://access.redhat.com/labs/ccsinjectiontest identified VS on F5 (v.10.5.0 & v.10.5.1) as "Status: Vulnerable!"

Sven_Leupold_85
Cirrus
Jun 05, 2014
Same here, but as F5 does not use openssl stack here, I think that this could be a false positive.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 Architecture Track Sessions - AppWorld 2026

DevCentral News

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5