Forum Discussion
2 Replies
Sort By
- Brad_ParkerCirrus
Since it is OpenSSL I would assume it would only affect the management GUI and potentially SSL profiles that use COMPAT ciphers. As with many OpenSSL vulnerabilities, one would assume if you are using the NATIVE cipher stack, the traffic interface shouldn't be affected.
- Pascal_Tene_910Historic F5 Account
This only affects OpenSSL 1.0.1j. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3569 You can check which openSSL version you are using from CLI by running the command openssl version. BigIP version 11.6.0 uses OpenSSL 1.0.1h. it is highly probable that no BigIP version is affected by this CVE. No Official statement at the moment.