Bug ID 530963: BIG-IP TLS doesn't correctly verify Finished.verify_data on non-Cavium platforms

Last Modified: Nov 07, 2022

Bug Tracker

Affected Product:
BIG-IP All(all modules)

Known Affected Versions:
11.2.1, 11.4.1, 11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.10, 11.5.2, 11.5.2 HF1, 11.5.3, 11.5.3 HF1, 11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5

Fixed In:
12.0.0, 11.6.0 HF6, 11.5.4, 11.5.3 HF2, 11.4.1 HF10, 11.2.1 HF16

Opened: Jul 01, 2015
Severity: 2-Critical
Related Article:
K16970

Symptoms

The BIG-IP does not verify every byte of the verify_data carried in the Finished message of a TLS handshake, but it does properly validate the MAC on the Finished record.
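To make the distinction in the symptom concrete, here is an added example (not F5 code and not taken from this page) of how a TLS 1.2 peer derives Finished.verify_data and what a full versus partial check of it looks like. It assumes the TLS 1.2 PRF with P_SHA256 (RFC 5246) and the standard 12-byte verify_data; the master secret and handshake transcript are constructed values, and the prefix-only comparator is a hypothetical model of "does not verify every byte", since the page does not say which bytes BIG-IP skipped. The record-layer MAC is a separate check over the encrypted record and is not modelled here.

```python
import hashlib
import hmac

VERIFY_DATA_LEN = 12  # TLS 1.2 default verify_data length (RFC 5246 section 7.4.9)


def tls12_prf_sha256(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.2 PRF (RFC 5246 section 5) using P_SHA256.

    A(0) = label||seed, A(i) = HMAC(secret, A(i-1));
    output = HMAC(secret, A(1)||label||seed) || HMAC(secret, A(2)||label||seed) || ...
    """
    out = b""
    a = label + seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()
        out += hmac.new(secret, a + label + seed, hashlib.sha256).digest()
    return out[:length]


def finished_verify_data(master_secret: bytes, handshake_messages: bytes, client: bool) -> bytes:
    """verify_data = PRF(master_secret, finished_label, Hash(handshake_messages))[0:12]."""
    label = b"client finished" if client else b"server finished"
    transcript_hash = hashlib.sha256(handshake_messages).digest()
    return tls12_prf_sha256(master_secret, label, transcript_hash, VERIFY_DATA_LEN)


def verify_finished_correct(expected: bytes, received: bytes) -> bool:
    """The check a TLS endpoint must perform: every byte, in constant time."""
    return len(received) == len(expected) and hmac.compare_digest(expected, received)


def verify_finished_prefix_only(expected: bytes, received: bytes, checked: int = 4) -> bool:
    """Hypothetical model of 'not verifying every byte': only a prefix is compared.

    This is an illustration of the bug class named in the title, not a description
    of the actual BIG-IP code path.
    """
    return received[:checked] == expected[:checked]


def demo() -> dict:
    """Run both comparators against a genuine and a tail-tampered Finished."""
    master_secret = b"\x11" * 48  # constructed 48-byte master secret
    transcript = b"constructed ClientHello..ClientKeyExchange bytes"  # constructed
    genuine = finished_verify_data(master_secret, transcript, client=True)
    # Flip the last bit of the last byte: the MAC-protected record could still be
    # valid if the sender computed the MAC over this altered Finished body.
    tampered_tail = genuine[:-1] + bytes([genuine[-1] ^ 0x01])
    tampered_head = bytes([genuine[0] ^ 0x01]) + genuine[1:]
    return {
        "len": len(genuine),
        "correct_accepts_genuine": verify_finished_correct(genuine, genuine),
        "correct_rejects_tail": not verify_finished_correct(genuine, tampered_tail),
        "prefix_only_accepts_tail": verify_finished_prefix_only(genuine, tampered_tail),
        "prefix_only_rejects_head": not verify_finished_prefix_only(genuine, tampered_head),
        "client_differs_from_server": genuine
        != finished_verify_data(master_secret, transcript, client=False),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

The point of the two comparators is that a record-layer MAC only proves the Finished record arrived as its sender built it; it says nothing about whether the sender's verify_data matches the transcript this endpoint saw. That property comes solely from comparing all bytes of verify_data, which is why a partial comparison is a distinct defect even when MAC validation is correct.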

Impact

F5 believes the reported behavior does not have security implications at this time.

Conditions

* The BIG-IP platform contains a Cavium SSL accelerator card, but the affected TLS connection is not accelerated by the Cavium SSL accelerator card. The following are examples of when a TLS connection is not accelerated by the Cavium card:
  * The ciphers used by the TLS connection are not fully accelerated in the Cavium card. For more information about ciphers that are fully hardware accelerated, refer to SOL13213: SSL ciphers that are fully hardware accelerated on BIG-IP platforms (11.x).
* The BIG-IP platform does not contain a Cavium SSL accelerator card. The following BIG-IP platforms do not contain a Cavium SSL accelerator card:
  * BIG-IP 2000 platforms
  * BIG-IP 4000 platforms
  * BIG-IP Virtual Edition

Workaround

None.

Fix Information

BIG-IP TLS now correctly verifies every byte of Finished.verify_data on non-Cavium platforms and on connections that are not accelerated by the Cavium card.

Behavior Change