On all versions of BIG-IP 12.1.x and 11.6.x, the original TLS protocol includes a weakness in the master secret negotiation that is mitigated by the Extended Master Secret (EMS) extension defined in RFC 7627. TLS connections that do not use EMS are vulnerable to man-in-the-middle attacks during renegotiation. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
f5 big-ip access policy manager |
||
f5 big-ip advanced firewall manager |
||
f5 big-ip advanced web application firewall |
||
f5 big-ip analytics |
||
f5 big-ip application acceleration manager |
||
f5 big-ip application security manager |
||
f5 big-ip ddos hybrid defender |
||
f5 big-ip domain name system |
||
f5 big-ip fraud protection service |
||
f5 big-ip global traffic manager |
||
f5 big-ip link controller |
||
f5 big-ip local traffic manager |
||
f5 big-ip policy enforcement manager |
||
f5 big-ip ssl orchestrator |
Vulmon