Last Modified: Jul 12, 2023
F5OS-C 1.3.0, F5OS-A 1.1.0
Opened: Dec 01, 2021 Severity: 3-Major
When a FIPS-enabled license is installed on the system, some MD5 ciphers are allowed on RESTCONF port 8888, when they should not be allowed.
MD5 SSLCipher continues to work on port 8888 on both system controller and chassis partition management IP addresses.
The command "openssl s_client -connect <mgmt-ip>:8888 -cipher MD5" returns a valid certificate.
Removed MD5 SSLCipherSuites from ssl.conf when a FIPS-enabled license is installed on the system.