vulnerabilities (CVE-2020-36363), CVE-2016-0736,CVE-2019-6593-FOR VERSION BIGIP LTM-16.1.4

Question

Kindly guide me these vulnerabilities (CVE-2020-36363), (CVE-2016-0736), (CVE-2019-6593) -FOR VERSION BIGIP LTM-16.1. 4 are applicable or not.Thank you

jmtaylor · Answer

Hello Kuldeep22&nbsp; Please see below the information that was found for your inquiry&nbsp;
&nbsp;
&nbsp;

CVE-2020-36363 :&nbsp;This vulnerability is related to amazon AWS CloudFront TLSv1.2_2019 which allows TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 and TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, which some entities consider to be weak ciphers. This is not related to F5 products.&nbsp;2. CVE-2016-0736 :&nbsp;F5 products are not affected by this vulnerability. Please refer the below article.K53437580: Apache vulnerabilities CVE-2016-0736 and CVE-2016-2161https://my.f5.com/manage/s/article/K534375803. CVE-2019-6593 :&nbsp;Currently your BIG IP is running on version 16.1.4 and this vulnerability is not affected to your BIG IP version.&nbsp; Kindly go through the below article.&nbsp;K10065173: TMM TLS virtual server vulnerability CVE-2019-6593https://my.f5.com/manage/s/article/K10065173

Forum Discussion

vulnerabilities (CVE-2020-36363), CVE-2016-0736,CVE-2019-6593-FOR VERSION BIGIP LTM-16.1.4

1 Reply

Recent Discussions

Rundeck ansible F5 errors

What is the meaning is 52% block in WAF

rewrite Azure AD response for portal access via web portal

AS3 Monitoring multiple ports selectively

Open Redirection Mitigation

Related Content

Coordinated Vulnerability Disclosure: A Balanced Approach

OWASP Automated Threats - OAT-014 Vulnerability Scanning

Reviewing vulnerability scanner results for an Access Policy Manager (APM) protected Virtual Server

Vulnerability CVE-2023-45648 in ApacheTomcat

Re: Mitigation of OWASP API6: 2019 Mass Assignment vulnerability using F5 Distributed Cloud Platform