12-Dec-2022 01:43 - edited 12-Dec-2022 01:53
K35253541 - java vulnerability come under tmm affected or mgmt- interface affected
12-Dec-2022 01:44
12-Dec-2022 02:22 - edited 12-Dec-2022 02:24
Right now there is no fix. No version to upgrade to.
The vulnerabilities are usually for the device itself.
So management interface is affected.
But you can use self-ip also to manage the device. And that go through tmm.
look at the self-ip port-lockdown option. if is set to default it means it allows a bunch of ports, including https.
https://support.f5.com/csp/article/K17333
you might want to choose none and use only management interface for administrative stuff.
