Forum Discussion

Nimbostratus

Dec 29, 2014

Any official statement on latest openssl vulnerability CVE-2014-3569 ?

Are any versions impacted for CVE-2014-3569 ? The NVD score is Medium but it seems so easy to exploit this remotely and it is also pre-authentication so mandatory client certificates will not h...

Cirrus

Dec 29, 2014

Since it is OpenSSL I would assume it would only affect the management GUI and potentially SSL profiles that use COMPAT ciphers. As with many OpenSSL vulnerabilities, one would assume if you are using the NATIVE cipher stack, the traffic interface shouldn't be affected.

Forum Discussion

Any official statement on latest openssl vulnerability CVE-2014-3569 ?

Recent Discussions

BWC iRule

GTM Packet Capture command

Citrix XenServer Big-IP Upgrade help

BIG-IP DNS iRule issue with static variable

F5 ASM logging profile to specify source IP

Related Content

Coordinated Vulnerability Disclosure: A Balanced Approach

OWASP Automated Threats - OAT-014 Vulnerability Scanning

APM AdAuth HTTP Header Insert iRule Switch Statement

Reviewing vulnerability scanner results for an Access Policy Manager (APM) protected Virtual Server

Vulnerability CVE-2023-45648 in ApacheTomcat