Last Modified: Nov 05, 2025
Affected Product(s):
BIG-IP AFM, LTM
Known Affected Versions:
17.1.2.1, 17.1.2.2, 17.1.3
Fixed In:
21.0.0, 17.5.1
Opened: May 07, 2025 Severity: 3-Major
When a port-list object is created using TMSH, REST or GUI under any context, redundant entries for the same object are generated in the configuration file under three contexts: net port-list security firewall port-list security shared-objects port-list For example, a port-list created using one CLI results in multiple entries referring to the same schema object, such as: net port-list /Common/portListExample { ports { 80 { } 443 { } } } security shared-objects port-list /Common/portListExample { ports { 80 { } 443 { } } } security firewall port-list /Common/portListExample { ports { 80 { } 443 { } } } This behaviour causes unnecessary duplication in the configuration file.
Redundant entries in the configuration file lead to: 1. Increased configuration file size unnecessarily. 2. Risk of user confusion during manual editing or review of configuration files. This issue does not impact runtime functionality or object behaviour, but it introduces maintenance overhead when users interact with their configurations.
Creating a port-list object in any context results in the same object being added as three separate entries in the configuration file. Ex: Using TMSH CLI configuration. Redundant entries occur in the configuration file when: A port-list object is created using any one of the following TMSH CLIs: 1. tmsh create net port-list 2. tmsh create security firewall port-list 3. tmsh create security shared-objects port-list All three CLI commands point to the same object and record three separate entries in the configuration file.
None
None