Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP LTM
Known Affected Versions:
11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.5.9, 11.5.10, 11.6.0, 11.6.1, 11.6.2, 11.6.3, 11.6.3.1, 11.6.3.2, 11.6.3.3, 11.6.3.4, 11.6.4, 11.6.5, 11.6.5.1, 11.6.5.2, 11.6.5.3
Opened: Mar 05, 2014 Severity: 3-Major
In the clientssl profile, secure renegotiation is enabled by default. This has led some groups to believe the BIG-IP system is open to a DoS attack, which is not true.
There is no impact to this issue.
A default clientssl profile is used.
Since we already have a renegotiation limit, there is no DoS here. Alternately, one can disable secure renegotiation.
None