Vulnerability Recommended Actions
If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in theVersions known to be not vulnerable column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.
To determine the necessary upgrade path for your BIG-IQ system, you should understand the BIG-IQ product offering name changes. For more information, refer to SOL21232150: Considerations for upgrading BIG-IQ or F5 iWorkflow systems.
Mitigation
To mitigate this vulnerability, you can restrict network access to the big3d network port, TCP 4353.
Impact of action: TCP port 4353 is used to transfer sync-group data between BIG-IP devices. Any changes should be tested to ensure compatibility in your environment.
Supplemental Information
support.f5.com/kb/en-us/solutions/public/13000/000/sol13092.html
support.f5.com/kb/en-us/solutions/public/13000/700/sol13703.html
support.f5.com/kb/en-us/solutions/public/4000/600/sol4602.html
support.f5.com/kb/en-us/solutions/public/4000/900/sol4918.html
support.f5.com/kb/en-us/solutions/public/9000/900/sol9957.html
support.f5.com/kb/en-us/solutions/public/9000/900/sol9970.html