Note: For information about signing up to receive security notice updates from F5, refer to K9970: Subscribing to email notifications regarding F5 products.
Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about F5’s security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F5 security vulnerability response policy.
F5 products and versions that have been evaluated for this Security Advisory
Product | Affected | Not Affected |
---|---|---|
BIG-IP LTM | None | *9.0.0 - 9.4.8 |
*10.0.0 - 10.2.1 | ||
10.2.1 HF1 | ||
10.2.2 - 10.2.4 | ||
11.x |
BIG-IP GTM| None| *9.2.2 - 9.4.8
*10.0.0 - 10.2.1
10.2.1 HF1
10.2.2 - 10.2.4
11.x
BIG-IP ASM| None| *9.2.0 - 9.4.8
*10.0.0 - 10.2.1
10.2.1 HF1
10.2.2 - 10.2.4
11.x
BIG-IP Link Controller| None| *9.2.2 - 9.4.8
*10.0.0 - 10.2.1
10.2.1 HF1
10.2.2 - 10.2.4
11.x
BIG-IP WebAccelerator| None| *9.4.0 - 9.4.8
*10.0.0 - 10.2.1
10.2.1 HF1
10.2.2 - 10.2.4
11.x
BIG-IP PSM| None| *9.4.5 - 9.4.8
*10.0.0 - 10.2.1
10.2.1 HF1
10.2.2 - 10.2.4
11.x
BIG-IP WOM| None| *10.0.0 - 10.2.1
10.2.1 HF1
10.2.2 - 10.2.4
11.x
BIG-IP APM| None| *10.1.0 - 10.2.1
10.2.1 HF1
10.2.2 - 10.2.4
11.x
BIG-IP Edge Gateway| None| *10.1.0 - 10.2.1
10.2.1 HF1
10.2.2 - 10.2.4
11.x
BIG-IP Analytics| None| 11.x
BIG-IP AFM| None
| 11.x
BIG-IP PEM
| None
| 11.x
BIG-IP AAM| None| 11.x
FirePass| None| 5.x
6.x
7.x
Enterprise Manager| None| *1.0.0 - 2.3.0
3.x
ARX| None| 2.x
3.x
4.x
5.x
6.x
This security advisory describes a BIND vulnerability.
For information about this advisory, refer to the Common Vulnerabilities and Exposures website at the following location:
Note: This link takes you to a resource outside of AskF5, and it is possible that the documents may be removed without our knowledge.
<https://vulners.com/cve/CVE-2010-3614>
F5 Product Development tracked an update to a version of BIND which mitigates this vulnerability, as ID 345944 and it was fixed in BIG-IP 10.2.2. BIND was updated to a non-vulnerable version in BIG-IP 10.2.1 HF1. You may download the 10.2.1 HF1 hotfix or later versions of the hotfix from the F5 Downloads site.
In addition, BIG-IP iHealth may list Heuristic H383256 on the Diagnostics > Identified > Medium screen.
For a list of the latest available hotfixes, refer to K9502: BIG-IP hotfix matrix.
For information about the F5 hotfix policy, refer to K4918: Overview of the F5 critical issue hotfix policy.
For information about how to manage F5 product hotfixes, refer to K6845: Managing F5 product hotfixes.
For information about installing version 10.x hotfixes, refer to in K10025: Managing F5 product hotfixes for BIG-IP 10.x systems.