SOL16385 - Multiple MySQL vulnerabilities

Vulnerability Recommended Actions

If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.

To mitigate this vulnerability for the BIG-IP and Enterprise Manager systems, you should permit management access to F5 products only over a secure network, and limit shell access to trusted users. For more information, refer to SOL13309: Restricting access to the Configuration utility by source IP address (11.x) and SOL13092: Overview of securing access to the BIG-IP system.

Additionally, for the Enterprise Manager system, you should not enable the Remote Access feature to provide remote access to the statistical database. If you have enabled the Remote Access feature, you should disable it by performing the following procedure:

Disabling the Remote Access feature

Impact of action: Remote access to the MySQL statistical database will no longer be allowed.

1. Log in to the Enterprise Manager Configuration utility.
2. Click Statistics.
3. Navigate to the Managed Devices >Options>Remote Access page.
4. Clear the Allow Remote Access check box.
5. Click Save Changes.

Supplemental Information

• SOL9970: Subscribing to email notifications regarding F5 products
• SOL9957: Creating a custom RSS feed to view new and updated documents
• SOL4918: Overview of the F5 critical issue hotfix policy
• SOL167: Downloading software and firmware from F5
• SOL13123: Managing BIG-IP product hotfixes (11.x - 12.x)
• SOL10025: Managing BIG-IP product hotfixes (10.x)
• SOL9502: BIG-IP hotfix matrix