AltostratusIf I am presented with this information from my Risk and Compliance team.
F5: K04225025: tcpdump vulnerabilities CVE-2017-5202, CVE-2017-5203, CVE-2017-5204, CVE-2017-5205, and CVE-2017-5342How would I find out if this patch has been applied .. thank you muchly
CirrostratusYou need to upgrade your software version to one of the following based on your current running version (11.6.2 , 12.1.3 , 13.1.0 ) , or you can invoke the -w option in your tcpdump syntax to write raw packets to a pcap file for offline examination.
check this link.
AltostratusThank you Kolom, for such a prompt answer. What happens if I have 50 of the same message about other patches?
F5: K32262483: NTP vulnerability CVE-2017-6451
F5: K74759095: SafeNet External Network HSM script vulnerability CVE-2017-6165
F5: K82508682: Linux kernel vulnerability CVE-2017-6074
F5: K62279530: ConfigSync mcpd vulnerability CVE-2017-616 ... ad infinitum
We have just upgraded to 12.1.3 and the roadmap for theupgrade to 13.x is a long and winding road .. that leads to ... a Chris Rea song ...
CirrostratusWith a quick search , BIGIP 12.1.3 is not vulnerable to any of these vulnerabilities . If you have access to F5 support portal , you can generate a QKVIEW file , upload it to , and it will give you under the diagnostics tab a nice list of exposed vulnerabilities in your version. and each entry will have a hyperlink attached that will lead you to an official KB including versions that are not vulnerable or how to mitigate it using some configuration options.
AltostratusThank you Kolom, for such a prompt answer. What happens if I have 50 of the same message about other patches?
F5: K32262483: NTP vulnerability CVE-2017-6451
F5: K74759095: SafeNet External Network HSM script vulnerability CVE-2017-6165
F5: K82508682: Linux kernel vulnerability CVE-2017-6074
F5: K62279530: ConfigSync mcpd vulnerability CVE-2017-616 ... ad infinitum
We have just upgraded to 12.1.3 and the roadmap for theupgrade to 13.x is a long and winding road .. that leads to ... a Chris Rea song ...
AltostratusWith a quick search , BIGIP 12.1.3 is not vulnerable to any of these vulnerabilities . If you have access to F5 support portal , you can generate a QKVIEW file , upload it to , and it will give you under the diagnostics tab a nice list of exposed vulnerabilities in your version. and each entry will have a hyperlink attached that will lead you to an official KB including versions that are not vulnerable or how to mitigate it using some configuration options.