MD5 Message-Digest Algorithm vulnerability CVE-2004-2761

2014-09-11T21:10:00
ID F5:K15578
Type f5
Reporter f5
Modified 2016-01-09T02:21:00

Description

The MD5 Message-Digest Algorithm is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing attacks, as demonstrated by attacks on the use of MD5 in the signature algorithm of an X.509 certificate. (CVE-2004-2761)

Impact

A context-dependent attacker may be able to conduct spoofing attacks.

If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists.

To mitigate this vulnerability, you can limit access for the ARX GUI to only use secure networks.