SOL14204 - BIND vulnerability CVE-2011-4313

2013-02-1200:00:00

support.f5.com

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.104 Low

EPSS

Percentile

94.4%

JSON

F5 Product Development has determined that these Enterprise Manager versions use a vulnerable version of BIND. However, the vulnerable code is not used by default on these Enterprise Manager systems. These products are only vulnerable if BIND was manually configured and enabled.

Recommended action

To eliminate this vulnerability, upgrade to a version that is listed in the Versions known to be not vulnerable column in the previous table.

Supplemental Information

Common Vulnerabilities and Exposures (CVE-2011-4313)
SOL9970: Subscribing to email notifications regarding F5 products
SOL9957: Creating a custom RSS feed to view new and updated documents.
SOL4602: Overview of the F5 security vulnerability response policy
SOL4918: Overview of the F5 critical issue hotfix policy
SOL167: Downloading software and firmware from F5
SOL13123: Managing BIG-IP product hotfixes (11.x)
SOL10025: Managing BIG-IP product hotfixes (10.x)
SOL6845: Managing BIG-IP product hotfixes (9.x)
SOL9502: BIG-IP hotfix matrix

CPENameOperatorVersion
big-ip edge gateway
le11.1.0
big-ip ltmle9.4.8 HF4
big-ip link controllerle9.4.8 HF4
big-ip psmle9.4.8 HF4
big-ip asmle9.4.8 HF4
big-ip gtmle9.4.8 HF4
big-ip womle11.1.0
big-ip apmle11.1.0
big-ip webacceleratorle9.4.8 HF4

Name	Operator	Version
big-ip edge gateway	le	11.1.0
big-ip ltm	le	9.4.8 HF4
big-ip link controller	le	9.4.8 HF4
big-ip psm	le	9.4.8 HF4
big-ip asm	le	9.4.8 HF4
big-ip gtm	le	9.4.8 HF4
big-ip wom	le	11.1.0
big-ip apm	le	11.1.0
big-ip webaccelerator	le	9.4.8 HF4