Operational Defect Database
BugZero found this defect 1374 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
F5 | 751451
When upgrading to v14.0.0 or later, the 'no-tlsv1.3' option is missing from HTTPS monitors automatically created server SSL profiles
Last update date:
4/26/2024
Affected products:
BIG-IP
BIG-IP LTM
Affected releases:
14.0.0
14.0.0.1
14.0.0.2
14.0.0.3
14.0.0.4
14.0.0.5
14.0.1
14.0.1.1
14.1.0
14.1.0.1
14.1.0.2
14.1.0.3
Fixed releases:
No fixed releases provided.
Description:
Bug ID 751451: When upgrading to v14.0.0 or later, the 'no-tlsv1.3' option is missing from HTTPS monitors automatically created server SSL profiles ... Last Modified: Apr 26, 2024 ... Symptoms ... If there are HTTPS monitor objects that were created using BIG-IP software v12.x, when the BIG-IP is upgraded directly to v14.0.0 or later, the operation automatically creates server SSL profiles for the HTTPS monitors as needed. ... Those server SSL profile objects do not have 'no-tlsv1.3' included in their 'options' configuration. ... Impact ... TLSv1.3 gets enabled on the server SSL profiles. ... Conditions ... Workaround ... -- To avoid this issue, upgrade from v12.x to v13.x, and then upgrade to v14.0.0 or later -- To mitigate this issue, modify the affected profile to disable TLSv1.3. ... Fix Information
