Forum Discussion

Nimbostratus

Nov 30, 2012

Hostname checking vulnerability in axis

How is F5 addressing CVE-2012-5784, the gaping security hole where axis fails to verify the hostname in the SSL certificate?

Dec 03, 2012

Axis is a 3rd party tool that accesses our API. I would expect this to be something that Apache should work on patching. Since F5 isn't the developer for Axis, how to you recommend we address the issue?

-Joe

Forum Discussion

Hostname checking vulnerability in axis

Recent Discussions

Rundeck ansible F5 errors

What is the meaning is 52% block in WAF

rewrite Azure AD response for portal access via web portal

AS3 Monitoring multiple ports selectively

Open Redirection Mitigation

Related Content

Coordinated Vulnerability Disclosure: A Balanced Approach

OWASP Automated Threats - OAT-014 Vulnerability Scanning

Reviewing vulnerability scanner results for an Access Policy Manager (APM) protected Virtual Server

Check a Virtual Server's SSL Status

Vulnerability CVE-2023-45648 in ApacheTomcat