Bug ID 1007901: Support for FIPS 140-3 Module identifier service.

Last Modified: Nov 07, 2022

Bug Tracker

Affected Product:  See more info
BIG-IP TMOS(all modules)

Known Affected Versions:
16.1.0, 16.1.1, 16.1.2, 16.1.2.1

Fixed In:
17.0.0, 16.1.2.2

Opened: Mar 31, 2021
Severity: 2-Critical

Symptoms

The module provides a service to output module name/identifier and version that can be mapped to the validation records. The 'tmsh show sys version' command shows a version, but it does not show a module name, where the "module name" is the name on the FIPS certificate.

Impact

The module does not provide a service to output module name/identifier and version that can be mapped to the validation records.

Conditions

Running 'tmsh show sys version' while the system is running in FIPS mode

Workaround

N/A

Fix Information

Added the FIPS module information to output of command "show sys version". FIPS module information is now appended after "Project" field info of the "show sys version" The syntax of the new field is "FIPS Module <FIPS_module_name>" In the GUI, FIPS module info shall be appended to existing "Version" information shown under system(tab)?Device?Version The syntax will be "Version: <Existing Info> <FIPS_module_name>

Behavior Change