We’ve Moved

Please update your bookmarks. Support for PowerSchool Learning has moved to the new PowerSchool Community. Visit the PowerSchool Community to find answers in our knowledge base and participate in discussions.


How can we help?

Security Advisory - F5 Automatic Update Vuln of 29 April 2015


Learning Security Advisory - F5 Automatic Update Vulnerability

Release Date


Last Update


Solution Status



A vulnerability was discovered with F5's BIG-IP software that could allow a man in the middle (MITM) attack on the software's Auto Update feature. The MITM could potentially upload malicious software updates to devices running vulnerable copies of BIG-IP.




Allows installation of unauthorized software updates to production PowerSchool Learning servers.

Systems Affected

Haiku Learning

Summary: On April 29th, 2015 F5 released an advisory regarding a man in the middle vulnerability in their software's auto update feature. In response, the Learning Security Team temporarily disabled the auto updates feature on all of our F5 devices. On May 15th, 2015 we install a patched version of the BIG-IP software on our F5 devices which resolves this vulnerability and have now re-enable auto updates.

Status: All systems are patched as of 2015-05-15.

Powered by Zendesk