Operational Defect Database
BugZero found this defect 2215 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
F5 | 530645
SSL profile cipher string longer than 768 character is silently truncated.
Last update date:
4/26/2024
Affected products:
BIG-IP
BIG-IP LTM
Affected releases:
11.4.1
11.5.0
11.5.1
11.5.2
11.5.3
11.5.4
11.5.5
11.5.6
11.5.7
11.5.8
11.5.9
11.5.10
Fixed releases:
No fixed releases provided.
Description:
Bug ID 530645: SSL profile cipher string longer than 768 character is silently truncated. ... Last Modified: Apr 26, 2024 ... Symptoms ... Administrator can enter a cipher string in SSL profile longer than 768 characters, and the system appears to save and apply that cipher string. ... However, the system utilizes only the first 768 characters as the cipher string for the profile. ... Impact ... Cipher suites that were truncated will not be accepted. ... Conditions ... Workaround ... Do not use cipher strings longer than 768 characters. ... Fix Information
