Recommended action
To eliminate this vulnerability, upgrade to a version that is listed in the Versions known to be not vulnerable column in the previous table.
To mitigate this vulnerability on Enterprise Manager, you should not enable remote access to the statistics database. Remote access to the statistics database is not enabled by default.
Impact of action: When you configure managed devices to perform statistics data collection, they cannot send collected statistics to the Enterprise Manager system. Additionally, when you configure a system to perform a remote backup of a local statistics database, the system will be unable to access the statistics database.
Supplemental Information
For information about configuring statistics collection and enabling remote access to the statistics database, refer to the one of the following manuals:
SOL9970: Subscribing to email notifications regarding F5 products
SOL9957: Creating a custom RSS feed to view new and updated documents
SOL4602: Overview of the F5 security vulnerability response policy
SOL4918: Overview of the F5 critical issue hotfix policy
SOL167: Downloading software and firmware from F5
support.f5.com/kb/en-us/products/em.html
support.f5.com/kb/en-us/products/em.html
support.f5.com/kb/en-us/products/em.html
support.f5.com/kb/en-us/solutions/public/0000/100/sol167.html
support.f5.com/kb/en-us/solutions/public/4000/600/sol4602.html
support.f5.com/kb/en-us/solutions/public/4000/900/sol4918.html
support.f5.com/kb/en-us/solutions/public/9000/900/sol9957.html
support.f5.com/kb/en-us/solutions/public/9000/900/sol9970.html