Last Modified: Nov 15, 2024
Affected Product(s):
BIG-IP Install/Upgrade, LTM
Known Affected Versions:
15.1.9, 15.1.9.1, 15.1.10, 15.1.10.2, 15.1.10.3, 15.1.10.4, 15.1.10.5, 16.1.2.2, 16.1.3, 16.1.3.1, 16.1.3.2, 16.1.3.3, 16.1.3.4, 16.1.3.5, 16.1.4, 16.1.4.1, 16.1.4.2, 16.1.4.3, 17.0.0, 17.0.0.1, 17.0.0.2, 17.1.0, 17.1.0.1, 17.1.0.2, 17.1.0.3, 17.1.1, 17.1.1.1, 17.1.1.2, 17.1.1.3, 17.1.1.4
Fixed In:
16.1.5
Opened: Oct 26, 2023 Severity: 3-Major Related Article:
K000137430
The irule SSL::sessionid command used returns an empty value after an upgrade to v15.1.9.1, when used with a TLS1.3 session. While SSL::sessionid in v15.1.8.2 returns the value specified in the ClientHello for a TLSv1.3 session, upgrading to v15.1.9.1 results in empty values returned when calling SSL::sessionid.
SSL::sessionid returns an empty value, which could result in unintended behavior for applications that use that iRule command.
1. Use SSL::sessionid in an iRule 2. Use an affected BIG-IP version 3. Client establishes a TLS1.3 connection
None
None