Bug ID 674459: Users are not expected to change security.commoncriteria DB variable through TMSH

Last Modified: Dec 20, 2018

Bug Tracker

Affected Product:  See more info
BIG-IP TMOS(all modules)

Known Affected Versions:
12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 12.1.3.7, 12.1.4

Opened: Jul 18, 2017
Severity: 3-Major

Symptoms

Changing the security.commoncriteria db variable to true, and then attempting to change it back to false through TMSH causes validation errors related to SSHD configuration. Users are not expected to change this value without using the ccmode script.

Impact

Validation errors. The BIG-IP system remains stuck in Common Criteria mode when it is not desired.

Conditions

Changing the security.commoncriteria db variable to true, and then back to false.

Workaround

None.

Fix Information

None

Behavior Change