Operational Defect Database
BugZero found this defect 1094 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
F5 | 1019261
In-TMM HTTPS monitor with SSL Profile set to None does not use serverssl profile.
Last update date:
4/26/2024
Affected products:
BIG-IP
BIG-IP LTM
Affected releases:
14.1.2.6
14.1.2.7
14.1.2.8
14.1.3
14.1.3.1
14.1.4
14.1.4.1
14.1.4.2
14.1.4.3
14.1.4.4
14.1.4.5
14.1.4.6
Fixed releases:
No fixed releases provided.
Description:
Bug ID 1019261: In-TMM HTTPS monitor with SSL Profile set to None does not use serverssl profile. ... Last Modified: Apr 26, 2024 ... Symptoms ... HTTPS monitors with SSL profile set to None (default) will not use the default ServerSSL profile of "serverssl" when In-TMM monitoring is enabled. ... Instead, another internal ServerSSL profile is used which has different values from "serverssl". ... Impact ... The TLS settings for the HTTPS monitor monitor probes will not match those of the ServerSSL "serverssl" profile and may cause unexpected behavior such as utilizing TLS 1.3 (disabled by default in the "serverssl" profile) or random session IDs. ... Conditions ... Specify a ServerSSL profile in every HTTPS monitor when using In-TMM monitoring. ... Attaching the profile "serverssl" will result in the same behavior that SSL Profile "none" should provide, given that the "serverssl" profile should be the default. ... Fix Information
