nolipineda
Jul 10, 2015Altostratus
CVE-2015-1793
Hi,
Does anyone know if F5 devices are affected by this OpenSSL vulnerability, CVE-2015-1793?
Thanks!
The affected OpenSSL versions have been out less than a month:
https://www.openssl.org/news/openssl-1.0.2-notes.html
https://www.openssl.org/news/openssl-1.0.1-notes.html
I doubt any vendor has based their software off these version. Also, this really more of a client side vulnerability than server, so you'd have to trick the device in to opening a connection to a non-trusted site, which is not going to be easy.
In short, nothing to see here, move along...