BIG-IP Version | Vulnerability

Question

Hi Team,&nbsp;Hope you all are safe!&nbsp;We have seen multiple vulnerabilities impacting on 12 and 13 series. Version known to be vulnerable on 13 series are 13.1.0 - 13.1.3. And we are on 13.1.3.4.&nbsp;So can you please let me know version 13.1.3.4 is vulnerable or not when F5 mention as "Version known to be vulnerable on 13 series are 13.1.0 - 13.1.3"&nbsp;https://support.f5.com/csp/article/K02453220https://support.f5.com/csp/article/K66544153https://support.f5.com/csp/article/K66544153&nbsp;&nbsp;Regards,Shekhars

lidev · Answer

Hi RAQS,&nbsp;Yes, version 13.1.3.4 is vulnerable.&nbsp;for a better understanding of security advisory versioning : https://support.f5.com/csp/article/K51812227&nbsp;"Versions known to be vulnerable: [...] Point releases and hotfixes are not listed in this column, unless a vulnerability is specifically introduced in a given point release or hotfix.For example, if 13.1.0 is listed as vulnerable, then 13.1.0.1 and 13.1.0.2 are also considered vulnerable if neither of those point releases are listed in the&nbsp;Fixes introduced in&nbsp;column.[...]&nbsp;Regards&nbsp;

Forum Discussion

BIG-IP Version | Vulnerability

1 Reply

Recent Discussions

F5Access | MacOS Sonoma

Active- Active HA setup

syslog server connection

Cannot see floating MAC address outside of ESXi

Rewrite uri translation not working

Related Content

Python script to test if a F5 BIG-IP is vulnerable to cve-2023-46747

Big IP version 12 API

Re: Get Started with BIG-IP Virtual Edition (VE), BIG-IQ VE or BIG-IP Cloud Edition Trial

BIG-IP Configuration utility vulnerability CVE-2023-38138

BIG-IP Configuration utility unauthenticated remote code execution vulnerability CVE-2023-46747