F5 Networks BIG-IP : OpenSSL vulnerability (K59298921)
Medium Nessus Plugin ID 94412
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionThe Anti-Replay feature in the DTLS implementation in OpenSSL before 1.1.0 mishandles early use of a new epoch number in conjunction with a large sequence number, which allows remote attackers to cause a denial of service (false-positive packet drops) via spoofed DTLS records, related to rec_layer_d1.c and ssl3_record.c. (CVE-2016-2181)
SolutionUpgrade to one of the non-vulnerable versions listed in the F5 Solution K59298921.