SOL61570943 - libXML2 vulnerabilities CVE-2015-7941 and CVE-2015-7942


Vulnerability Recommended Actions

If you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.

F5 responds to vulnerabilities in accordance with the **Severity** values published in the previous table. The **Severity** values and other security vulnerability parameters are defined in SOL4602: Overview of the F5 security vulnerability response policy.

To mitigate this vulnerability for affected F5 products, you should permit management access to F5 products only over a secure network, and limit shell access to trusted users. For more information about securing access to BIG-IP/Enterprise Manager systems, refer to SOL13309: Restricting access to the Configuration utility by source IP address (11.x - 12.x) and SOL13092: Overview of securing access to the BIG-IP system.

Supplemental Information

* SOL9970: Subscribing to email notifications regarding F5 products
* SOL9957: Creating a custom RSS feed to view new and updated documents
* SOL4918: Overview of the F5 critical issue hotfix policy
* SOL167: Downloading software and firmware from F5

Affected Software

CPE Name Name Version
big-iq security 4.5.0
big-ip apm 11.6.0
big-ip edge gateway 11.3.0
big-iq cloud and orchestration 1.0.0
big-ip ltm 11.6.0
big-ip link controller 11.6.0
big-ip webaccelerator 11.3.0
big-ip wom 11.3.0
big-ip psm 11.4.1
big-ip analytics 11.6.0
traffix sdc 4.4.0
big-ip gtm 11.6.0
big-ip asm 11.6.0
big-ip pem 11.6.0
big-iq cloud 4.5.0
big-iq device 4.5.0
big-iq adc 4.5.0
big-ip afm 11.6.0
big-ip aam 11.6.0
enterprise manager 3.1.1
big-iq centralized management 4.6.0