cancel
Showing results for 
Search instead for 
Did you mean: 

Is f5 vulnerable to cve-2022-2274 / 2022-2097?

neeeewbie
MVP
MVP

Hi 

 

we got new CVE 

Is f5 vulnerable to cve-2022-2274 / 2022-2097?

 

thank you

6 REPLIES 6

Hi neeeewbie,

 

ID Affected Versions
CVE-2022-2274 3.0.4
CVE-2022-2097 3.0.0-3.0.4 and 1.1.1-1.1.1p

The openssl version in F5 does not seem to be affected by these vulnerabilities.

[root@f5:Active:Standalone] config # openssl version
OpenSSL 1.0.2u-fips  20 Dec 2019

https://support.f5.com/csp/article/K48851448

thanks for your kind attention

I saw this document

but Development of versions prior to 1.1.0 is discontinued

our device using 1.0.2. so I curious 

is 1.0.2 version safe from this vulnerable?

Hi neeeewbie,

OpenSSL Security Advisory [5 July 2022]
=======================================

Heap memory corruption with RSA private key operation (CVE-2022-2274)
=====================================================================
...
OpenSSL 1.1.1 and 1.0.2 are not affected by this issue.
...


AES OCB fails to encrypt some bytes (CVE-2022-2097)
===================================================
...
This issue affects versions 1.1.1 and 3.0.  It was addressed in the
releases of 1.1.1q and 3.0.5 on the 5th July 2022.
...

 https://www.openssl.org/news/secadv/20220705.txt

thank you!

I saw this news.

this openssl vesion safe from 2274

do you know f5 safe from 2097?

CharlesHooper
Nimbostratus
Nimbostratus

Thanks for the info.

By the way, can you tell me where I can find reviews for https://writinguniverse.com/free-essay-examples/comparative-analysis/ website online? I will be thankful to you. I am waiting for your reply.

RebeccaRandle
Nimbostratus
Nimbostratus

Thank you 🙂

Thanks for the info. I also want to know whether f5 vulnerable to cve-2022-2274 / 2022-2097 and I am glad I found my answer here. I also found https://writinguniverse.com/essay-checklist/ website through which I can take help to complete my assignments.