Last Modified: Jun 19, 2025
Affected Product(s):
BIG-IP LTM
Known Affected Versions:
15.1.10, 15.1.10.2, 15.1.10.3, 15.1.10.4, 15.1.10.5, 15.1.10.6
Opened: Sep 20, 2023 Severity: 3-Major
An LTM policy using a rule that attempts to match based on a list of IP addresses may fail if more than one IP address range overlaps.
The action configured with the match will exclude IP address that do not match the more specific address range.
LTM policy rule with a 'tcp match address' statement that matches against more than one IP address range. For example, if both 10.48.128.0/18 and 10.48.192.0/20 are used, then although 10.48.141.201 might match the /18 range, it will not match the /20 and therefore the match will fail.
Avoid overlapping IP address range.
None