Last Modified: May 29, 2024
Affected Product(s):
BIG-IP LTM
Known Affected Versions:
14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 14.1.2.5, 14.1.2.6, 15.0.0, 15.0.1, 15.0.1.1, 15.0.1.2, 15.0.1.3, 15.0.1.4
Fixed In:
15.1.0, 14.1.2.7
Opened: Jul 03, 2019 Severity: 3-Major
The last provided cipher suite in the list is chosen if HTTP/2 is negotiated and not matched.
The least-secure cipher suite would be selected.
-- HTTP/2 negotiation is enabled. -- The provided cipher suites are not matched.
Put the most secure cipher suite in the end of the list.
Now the most secure cipher suite is selected regardless of the order in the list.