Last Modified: Aug 01, 2024
Affected Product(s):
F5OS F5OS
Known Affected Versions:
F5OS-A 1.0.1, F5OS-A 1.1.0, F5OS-A 1.1.1, F5OS-A 1.2.0, F5OS-A 1.3.0, F5OS-A 1.3.1, F5OS-A 1.3.2, F5OS-A 1.4.0, F5OS-A 1.5.0, F5OS-A 1.5.1, F5OS-A 1.5.2
Fixed In:
F5OS-A 1.7.0
Opened: Feb 23, 2023 Severity: 2-Critical
By default, flannel uses CIDR 10.244.0.0/16, which was left unmodified. As a result, traffic arriving at the management interface from IP addresses in this network range may not match "allowed-ip" rules as expected.
System "allowed-ip" rules do not function as expected when the source IP address is within 10.244.0.0/16.
Any traffic coming in from a source IP range of 10.244.0.0/16 is masqueraded in F5OS-A.
None
Fixed in F5OS-A 1.6.0.