SOL14261 - OpenSSL OCSP vulnerability CVE-2013-0166

2013-03-0700:00:00

support.f5.com

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.007 Low

EPSS

Percentile

77.7%

JSON

Recommended action

To eliminate this vulnerability, upgrade to a version that is listed in the Versions known to be not vulnerable column in the previous table.

Supplemental Information

Common Vulnerabilities and Exposures (CVE-2013-0166)

Note: The previous link takes you to a resource outside of AskF5, and it is possible that the information may be removed without our knowledge.

SOL9970: Subscribing to email notifications regarding F5 products
SOL9957: Creating a custom RSS feed to view new and updated documents
SOL4602: Overview of the F5 security vulnerability response policy
SOL4918: Overview of the F5 critical issue hotfix policy
SOL167: Downloading software and firmware from F5
SOL13123: Managing BIG-IP product hotfixes (11.x)
SOL10025: Managing BIG-IP product hotfixes (10.x)
SOL6845: Managing BIG-IP product hotfixes (9.x)
SOL9502: BIG-IP hotfix matrix
SOL10322: FirePass hotfix matrix
SOL12766: ARX hotfix matrix
SOL3430: Installing FirePass hotfixes
SOL6664: Obtaining and installing OPSWAT hotfixes
SOL10942: Installing OPSWAT hotfixes on BIG-IP APM systems

CPENameOperatorVersion
big-ip psmle9.4.8
big-ip apmle11.3.0
big-ip webacceleratorle9.4.8
big-ip edge gateway
le11.3.0
big-ip womle11.3.0
arxle6.4.0
big-ip afmle11.3.0
big-ip asmle9.4.8
big-ip ltmle9.6.1
firepassle7.0.0

Name	Operator	Version
big-ip psm	le	9.4.8
big-ip apm	le	11.3.0
big-ip webaccelerator	le	9.4.8
big-ip edge gateway	le	11.3.0
big-ip wom	le	11.3.0
arx	le	6.4.0
big-ip afm	le	11.3.0
big-ip asm	le	9.4.8
big-ip ltm	le	9.6.1
firepass	le	7.0.0