GnuTLS before 3.1.0 does not verify that the RSA PKCS #1 signature algorithm matches the signature algorithm in the certificate, which allows remote attackers to conduct downgrade attacks via unspecified vectors. (CVE-2015-0282)
Impact
This vulnerability may allow remote attackers to conduct downgrade attacks by way of unspecified vectors.
F5 Product Development has determined that BIG-IP, BIG-IQ, and Enterprise Manager versions contain the vulnerable GnuTLS code. However, the vulnerable code is not used as a server, or to make outgoing connections, and is not exploitable with normal configuration.