Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP TMOS
Known Affected Versions:
14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4
Fixed In:
16.0.0, 15.1.0.2, 15.0.1.3, 14.1.2.5, 13.1.3.4
Opened: Dec 18, 2019 Severity: 3-Major
The scheduled report email is sent from BIG-IP using TLS even if configured to not use encryption. When the mail server TLS is outdated it may lead to failure of the mail delivery.
The minor impact is unexpected behaviour. In rare cases it may lead to malfunction of the scheduled reports.
The scheduled reports are enabled and configured to use a mail server which reports TLS capability.
None
The automatic TLS connection was introduced via udate of the phpmailer module. The current fix disables automatic behaviour such that encryption will be used according to BIG-IP configuration.