Last Modified: Sep 14, 2023
Affected Product(s):
BIG-IP TMOS
Known Affected Versions:
14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 14.1.2.5, 14.1.2.6, 14.1.2.7, 14.1.2.8, 14.1.3, 14.1.3.1, 14.1.4, 14.1.4.1, 14.1.4.2, 14.1.4.3, 14.1.4.4, 14.1.4.5, 14.1.4.6, 14.1.5, 14.1.5.1, 14.1.5.2, 14.1.5.3, 14.1.5.4, 14.1.5.6
Fixed In:
15.0.0
Opened: Jun 21, 2018 Severity: 3-Major
The CRL File in config for an IKEv1 ike-peer does not actually do anything, so it should not be presented in the web GUI. It also appears in the tmsh command line.
The CRL file is not used in certificate checking.
When using the configuration utility (web UI), the config for an IKEv1 ike-peer allows you to specify a CRL file that is not actually used for anything.
There is no workaround other than not configuring the unused file.
None