F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

RockBD's avatar
RockBD
Icon for Altocumulus rankAltocumulus
Feb 07, 2023

Help needed to understand KB of f5

Hi Yesterday F5 published K56412001: BIG-IP SSL OCSP Authentication profile vulnerability CVE-2023-22323 has been published https://my.f5.com/manage/s/article/K56412001. In the KB F5, mention the f...
application delivery
F5 Big-IB
RockBD's avatar
RockBD
Icon for Altocumulus rankAltocumulus
Feb 07, 2023

Thanks for the reply.

Thanks for the information on iHealth. 

You told me that 15.1.2.1-0.x.x is within the vulnerable range. How may I know,  according to K56412001: BIG-IP SSL OCSP Authentication profile vulnerability CVE-2023-22323 has been published https://my.f5.com/manage/s/article/K56412001.

 

 

  • Amine_Kadimi's avatar
    Amine_Kadimi
    Icon for MVP rankMVP
    Feb 07, 2023

    Because in this case you consider your release to be 15.1.2 which is within the vulnerable range. Quoting from https://my.f5.com/manage/s/article/K51812227:

    Versions known to be vulnerable: The range of product versions within each branch that are confirmed by F5 Product Development as vulnerable. Point releases and hotfixes are not listed in this column, unless a vulnerability is specifically introduced in a given point release or hotfix. Vulnerable versions include all point releases or hotfixes for a given software version. For example, if 13.1.0 is listed as vulnerable, then 13.1.0.1 and 13.1.0.2 are also considered vulnerable if neither of those point releases are listed in the Fixes introduced in column.