Bug ID 476386: DHE-RSA-AES256-SHA256 and DHE-RSA-AES128-SHA256 should only be supported for tls1.2

Last Modified: Sep 13, 2023

Affected Product(s):
BIG-IP LTM(all modules)

Known Affected Versions:
11.6.2 HF1, 11.6.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2

Fixed In:
12.0.0, 11.6.1, 11.5.1 HF5

Opened: Aug 21, 2014

Severity: 3-Major

Symptoms

DHE-RSA-AES256-SHA256 and DHE-RSA-AES128-SHA256 are visible for other protocols, but are only supported for TLS1.2.

Impact

Selecting these might have unexpected results.

Conditions

These should only show up under TLS1.2 but they are visible for other protocols.

Workaround

None.

Fix Information

Resolved issue to ensure that DHE-RSA-AES256-SHA256 and DHE-RSA-AES128-SHA256 is supported only for TLS1.2.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips