Skip to main content

Hitachi

Server and Client Products Vulnerability Information

Vulnerability (CVE-2015-5600) in OpenSSH for BIG-IP1500

Update: November27, 2015

Overview

BIG-IP1500 has vulnerability in OpenSSH.

Reference

1. Product

No. Machine Model Name Version Impact Note
1 BIG-IP 1500 GV0LB150-10NNNN0,
GV0LB150-20NNNN0,
GV0LB151-10NNNN1,
GV0LB151-20NNNN1 		9.1.3,
9.3.1,
10.0.1 		Remote attackers may be able to conduct brute-force attacks or cause a denial-of-service (DoS) to BIG-IP device by ssh connection.  

2. Condition

There is only affected when BIG-IP device allow logs in by ssh connection.

3. Avoidance

  • Please do the filtering setting only trusted ip address by the router etc.
  • Please intercept the management network from an external network.

4. Solution

Please do the avoidance method.

5. Change History

November 27, 2015 : This security information page is made newly, sent.