Last Modified: Apr 28, 2025
Affected Product(s):
BIG-IP All
Known Affected Versions:
11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4
Fixed In:
11.6.0, 11.5.1 HF5
Opened: Mar 25, 2014 Severity: 3-Major
The setting sys db security.commoncriteria reverts to its default value (false) when loading from the configuration files under /config. Although the system usually uses the binary configuration database file under /var/db/ when BIG-IP boots up, under certain circumstances (such as following the first reboot of a new VCMP guest) the system uses files under /config instead.
The setting sys db security.commoncriteria reverts to its default value of false, which might result in unexpected behavior.
This occurs when running 'tmsh load sys config'. The sys db security.commoncriteria value is set to true only when running in Common Criteria mode, i.e., after running 'tmsh run util ccmode'. Note that this is not a common setting.
If the option reverts, set it again. The following steps must be repeated each time the setting reverts: # tmsh modify sys db security.commoncriteria value true # tmsh save sys config # tmsh reboot
The sys db security.commoncriteria setting value no longer reverts to the default value (false).