Vulnerability Recommended Actions
If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in theVersions known to be not vulnerable column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.
Mitigation
To mitigate this vulnerability, you can disable the recursion option on the BIND configuration if it is not required in your environment. To do so, perform the following procedure.
**Impact of action:**Â This procedure disables the recursion feature in the BIND configuration and restarts the system service that may affect the BIG-IP system responding to DNS queries. F5 recommends performing this procedure during a scheduled maintenance period.
grep "recursion\ "Â /var/named/config/named.conf
If the output displays “recursion yes,” proceed to step 4.
grep "recursion\ "Â /var/dnscached/config/named.conf
If the output displays “recursion yes,” proceed to step 4.
Note: The**/var/dnscached/config/named.conf** configuration file is only valid if the BIG-IP system is provisioned or was previously provisioned with the APM module.
 recursion yes;
 allow-recursion { <IP-Addresses-ACL> };
If you have more than one file to edit, after evaluating the files in step 2 and step 3, repeat step 4 for the next configuration file.
tmsh restart /sys service dnscached
tmsh restart /sys service named
Supplemental Information
support.f5.com/kb/en-us/solutions/public/0000/100/sol167.html
support.f5.com/kb/en-us/solutions/public/10000/000/sol10025.html
support.f5.com/kb/en-us/solutions/public/10000/900/sol10942.html
support.f5.com/kb/en-us/solutions/public/13000/100/sol13123.html
support.f5.com/kb/en-us/solutions/public/4000/600/sol4602.html
support.f5.com/kb/en-us/solutions/public/4000/900/sol4918.html
support.f5.com/kb/en-us/solutions/public/6000/600/sol6664.html
support.f5.com/kb/en-us/solutions/public/9000/500/sol9502.html
support.f5.com/kb/en-us/solutions/public/9000/900/sol9957.html
support.f5.com/kb/en-us/solutions/public/9000/900/sol9970.html