Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

Is f5 vulnerable to cve-2022-2274 / 2022-2097?

neeeewbie
MVP
MVP

‎07-Jul-2022 00:33

Hi 

 

we got new CVE 

Is f5 vulnerable to cve-2022-2274 / 2022-2097?

 

thank you

0 Kudos
6 REPLIES 6

Enes_Afsin_Al
MVP
MVP

‎07-Jul-2022 05:45

Hi neeeewbie,

 

ID Affected Versions
CVE-2022-2274 3.0.4
CVE-2022-2097 3.0.0-3.0.4 and 1.1.1-1.1.1p

The openssl version in F5 does not seem to be affected by these vulnerabilities.

[root@f5:Active:Standalone] config # openssl version
OpenSSL 1.0.2u-fips  20 Dec 2019

https://support.f5.com/csp/article/K48851448

0 Kudos

neeeewbie
MVP
MVP
In response to Enes_Afsin_Al

‎07-Jul-2022 06:03 - edited ‎07-Jul-2022 06:05

thanks for your kind attention

I saw this document

but Development of versions prior to 1.1.0 is discontinued

our device using 1.0.2. so I curious 

is 1.0.2 version safe from this vulnerable?

0 Kudos

Enes_Afsin_Al
MVP
MVP
In response to neeeewbie

‎07-Jul-2022 06:36

Hi neeeewbie,

OpenSSL Security Advisory [5 July 2022]
=======================================

Heap memory corruption with RSA private key operation (CVE-2022-2274)
=====================================================================
...
OpenSSL 1.1.1 and 1.0.2 are not affected by this issue.
...


AES OCB fails to encrypt some bytes (CVE-2022-2097)
===================================================
...
This issue affects versions 1.1.1 and 3.0.  It was addressed in the
releases of 1.1.1q and 3.0.5 on the 5th July 2022.
...

 https://www.openssl.org/news/secadv/20220705.txt

neeeewbie
MVP
MVP
In response to Enes_Afsin_Al

‎07-Jul-2022 06:41

thank you!

I saw this news.

this openssl vesion safe from 2274

do you know f5 safe from 2097?

0 Kudos

CharlesHooper
Nimbostratus
Nimbostratus

‎13-Jul-2022 06:17

Thanks for the info.

By the way, can you tell me where I can find reviews for https://writinguniverse.com/free-essay-examples/comparative-analysis/ website online? I will be thankful to you. I am waiting for your reply.
0 Kudos

RebeccaRandle
Nimbostratus
Nimbostratus

‎16-Jul-2022 03:44

Thank you 🙂

Thanks for the info. I also want to know whether f5 vulnerable to cve-2022-2274 / 2022-2097 and I am glad I found my answer here. I also found https://writinguniverse.com/essay-checklist/ website through which I can take help to complete my assignments.
0 Kudos
Copyright © 2023 Khoros, LLC