Last Modified: Jul 18, 2025
Affected Product(s):
BIG-IP AFM, LTM
Known Affected Versions:
17.1.2.1, 17.1.2.2
Fixed In:
17.5.1
Opened: May 07, 2025 Severity: 3-Major
When a port-list object is created using one of the following TMSH CLIs (tmsh create net port-list, tmsh create security firewall port-list, or tmsh create security shared-objects port-list), redundant entries for the same object are generated in the configuration file under three contexts: net port-list security firewall port-list security shared-objects port-list For example, a port-list created using one CLI results in multiple entries referring to the same schema object, such as: net port-list /Common/portListExample { ports { 80 { } 443 { } } } security shared-objects port-list /Common/portListExample { ports { 80 { } 443 { } } } security firewall port-list /Common/portListExample { ports { 80 { } 443 { } } } This behaviour causes unnecessary duplication in the configuration file.
Redundant entries in the configuration file lead to: 1. Increased configuration file size unnecessarily. 2. Risk of user confusion during manual editing or review of configuration files. This issue does not impact runtime functionality or object behaviour, but it introduces maintenance overhead when users interact with their configurations.
Redundant entries occur in the configuration file when: A port-list object is created using any one of the following TMSH CLIs: 1. tmsh create net port-list 2. tmsh create security firewall port-list 3. tmsh create security shared-objects port-list All three CLI commands point to the same object and record three separate entries in the configuration file.
None
None