2.6 Low
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:H/Au:N/C:P/I:N/A:N
0.01 Low
EPSS
Percentile
82.3%
Vulnerability Recommended Actions
To eliminate this vulnerability, upgrade to a version that is listed in the Versions known to be not vulnerable column in the previous table.
Note: BIG-IP and Enterprise Manager systems running fixed versions can be affected when an older OpenSSH client connects to the updated server. If you are using old SSH clients, you should upgrade the clients or manually set those clients’ cipher lists to only include CTR ciphers. For example, to use only CTR ciphers for the OpenSSH client, the command line must include the following option:
-c aes128-ctr,aes192-ctr,aes256-ctr
Supplemental Information
CPE | Name | Operator | Version |
---|---|---|---|
big-ip wom | le | 10.0.1 | |
enterprise manager | le | 1.8.0 | |
big-ip asm | le | 9.4.8 | |
big-ip webaccelerator | le | 9.4.8 | |
big-ip psm | le | 9.4.8 | |
big-ip link controller | le | 9.4.8 | |
big-ip gtm | le | 9.4.8 | |
big-ip ltm | le | 9.6.1 |
support.f5.com/kb/en-us/solutions/public/0000/100/sol167.html
support.f5.com/kb/en-us/solutions/public/10000/000/sol10025.html
support.f5.com/kb/en-us/solutions/public/13000/100/sol13123.html
support.f5.com/kb/en-us/solutions/public/4000/600/sol4602.html
support.f5.com/kb/en-us/solutions/public/4000/900/sol4918.html
support.f5.com/kb/en-us/solutions/public/6000/800/sol6845.html
support.f5.com/kb/en-us/solutions/public/9000/500/sol9502.html
support.f5.com/kb/en-us/solutions/public/9000/900/sol9957.html
support.f5.com/kb/en-us/solutions/public/9000/900/sol9970.html