BIND vulnerability CVE-2015-5722

Question

Hi&nbsp;
Due to BIND vulnerability CVE-2015-5722&nbsp;
I'm using GTM version 10.2.4 and it has note (1) and (3)&nbsp;
If I don't enable dnssec validation ...but config a pool to uses the Return to DNS load balancing method  or Alternate and Fallback load balancing methods are set to None.&nbsp;
Did My box vulnerable?&nbsp;

pascal_tene_910 · Answer

Yes your box is potentially vulnerable when  all pools associated with the wide-IP are unavailable. 
This is clarified in https://support.f5.com/kb/en-us/solutions/public/17000/100/sol17181.html&nbsp;
"These versions are vulnerable if configured with a pool that uses the Return to DNS load balancing method or when the pool's Alternate and Fallback load balancing methods are set to None, and all pools associated with the wide-IP are unavailable."&nbsp;

Forum Discussion

BIND vulnerability CVE-2015-5722

1 Reply

Recent Discussions

F5Access | MacOS Sonoma

AS3 Deployments (shared objects)

Inquiry on F5's Maintenance Mode Feature for Pool Members

Ansible modules for F5OS

VPN fragmented IP packets dropped

Related Content

Coordinated Vulnerability Disclosure: A Balanced Approach

LTM Monitoring IIS and Webserver Binding

OWASP Automated Threats - OAT-014 Vulnerability Scanning

Reviewing vulnerability scanner results for an Access Policy Manager (APM) protected Virtual Server

Vulnerability CVE-2023-45648 in ApacheTomcat