Last Modified: Feb 28, 2025
Affected Product(s):
BIG-IP APM
Known Affected Versions:
17.1.1, 17.1.1.1, 17.1.1.2, 17.1.1.3, 17.1.1.4, 17.1.2, 17.1.2.1
Fixed In:
17.5.0
Opened: Sep 17, 2024 Severity: 3-Major
While parsing a CRL Distribution List, the host value is not validated and which could lead to an invalid LDAP URI being added to the CRLDP cache.
CRLDP updates the cache with the invalid LDAP URI and ignores valid URIs in the list.
1. BIG-IP configured for CRLDP Authentication. 2. An invalid host value occurs (for example a CRLDP object Server Connection is configured as No Server)
None
None