Last Modified: May 29, 2024
Affected Product(s):
F5OS (all modules)
Fixed In:
F5OS-C 1.6.0, F5OS-A 1.7.0, F5OS-A 1.5.2, F5OS-A 1.5.1
Opened: Jun 29, 2023 Severity: 1-Blocking
When logging into an F5OS or BIG-IP system that is in FIPS mode, RSA-1024 SSH public keys should not be allowed to make the connection. Users should instead be prompted for a password.
The user is allowed to authenticate with the key, which should not be allowed.
User creates a RSA-1024 SSH public key and uses it to connect to the system, while the system is in FIPS mode.
N/A
Users cannot authenticate with a RSA-1024 SSH public key while the system is in FIPS mode.