SOL15568 - OpenSSL vulnerability CVE-2014-3510

Recommended Action

You can eliminate this vulnerability by running a version listed in the Versions known to be not vulnerable column in the previous table. If theVersions known to be not vulnerable column does not list a version that is later than the version you are running, then no upgrade candidate currently exists.

For BIG-IP Edge Clients, there is no workaround. To mitigate this vulnerability for all other affected products, perform the following task:

• Verify that Datagram Transport Layer Security (DTLS) virtual servers referencing Secure Socket Layer (SSL) profiles do not permit COMPAT SSL ciphers.

Supplemental Information

• SOL9970: Subscribing to email notifications regarding F5 products
• SOL9957: Creating a custom RSS feed to view new and updated documents.
• SOL4602: Overview of the F5 security vulnerability response policy
• SOL4918: Overview of the F5 critical issue hotfix policy
• SOL167: Downloading software and firmware from F5