Forum Discussion

boneyard's avatar
Jun 16, 2014

CVE-2012-6638 mitigation in another way?

it seems the only way to mitigate CVE-2012-6638* is to upgrade to 11.5.x, something which is not always possible, certainly in short time.


has anyone implemented any other methods or contacted F5 about fixes in lower versions?




3 Replies

  • thank you what lies beneath, i must have read over that part, makes things a lot less serious.


  • It's actually CentOS now.


    No idea around mitigations I'm afraid but remember this only relates to your management interface which I'd hope is on a secure network anyway right?


  • There was a comment on the web that Red Hat 5 and 6 are not affected. AFAIK the base OS for BIGIP image is RHEL 5 but only internal F5 people would be able to tell you for sure.