logo
DATABASE RESOURCES PRICING ABOUT US

SOL15388 - OpenSSL vulnerability CVE-2011-4108

Description

Recommended Action If the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists. **BIG-IP 11.x** To mitigate this vulnerability, you can configure your Secure Socket Layer (SSL) profile to use the NATIVE cipher suite. To do so, refer to SOL13171: Configuring the cipher strength for SSL profiles (11.x). **BIG-IP 10.x** To mitigate this vulnerability, you can configure your SSL profile to use the NATIVE cipher suite. To do so, refer to SOL7815: Configuring the cipher strength for SSL profiles (9.x - 10.x). Supplemental Information * SOL8802: Using SSL ciphers with BIG-IP Client SSL and Server SSL profiles * SOL9970: Subscribing to email notifications regarding F5 products * SOL9957: Creating a custom RSS feed to view new and updated documents. * SOL4602: Overview of the F5 security vulnerability response policy * SOL167: Downloading software and firmware from F5


Affected Software


CPE Name Name Version
big-ip psm 11.3.0
big-ip apm 11.3.0
big-ip webaccelerator 11.3.0
big-ip edge gateway 11.3.0
big-ip wom 11.3.0
big-ip afm 11.3.0
big-ip asm 11.3.0
enterprise manager 3.0.0
big-ip gtm 11.3.0
big-ip ltm 11.3.0
big-ip pem 11.3.0
big-ip link controller 11.3.0
big-ip analytics 11.3.0

Related