F5 Networks BIG-IP : OpenSSL SSL_get_shared_ciphers vulnerability (SOL8106)
Critical Nessus Plugin ID 86017
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionF5 Product Development has determined that the BIG-IP and Enterprise Manager products use a vulnerable version of OpenSSL; however, the vulnerable code is not used in either TMM or in Apache on the BIG-IP system. The vulnerability is considered to be a local vulnerability and cannot be exploited remotely.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5 Solution SOL8106.