6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
0.023 Low
EPSS
Percentile
88.5%
This security advisory describes a BIND vulnerability.
For information about this advisory, refer to the Common Vulnerabilities and Exposures website at the following location:
Note: This link takes you to a resource outside of AskF5, and it is possible that the documents may be removed without our knowledge.
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3614>
F5 Product Development tracked an update to a version of BIND which mitigates this vulnerability, as ID 345944 and it was fixed in BIG-IP 10.2.2. BIND was updated to a non-vulnerable version in BIG-IP 10.2.1 HF1. You may download the 10.2.1 HF1 hotfix or later versions of the hotfix from the F5 Downloads site.
In addition, BIG-IP iHealth may list Heuristic H383256 on the Diagnostics > Identified > Medium screen.
For a list of the latest available hotfixes, refer to SOL9502: BIG-IP hotfix matrix.
For information about the F5 hotfix policy, refer to SOL4918: Overview of the F5 critical issue hotfix policy.
For information about how to manage F5 product hotfixes, refer to SOL6845: Managing F5 product hotfixes.
For information about installing version 10.x hotfixes, refer to in SOL10025: Managing F5 product hotfixes for BIG-IP 10.x systems.