Bug ID 727136: One dataset contains large number of variations of TLS hello messages on Chrome

Last Modified: Oct 06, 2020

Bug Tracker

Affected Product:  See more info
BIG-IP AFM, ASM(all modules)

Known Affected Versions:
14.1.0, 14.1.0.1

Fixed In:
15.0.0, 14.1.0.2

Opened: Jul 08, 2018
Severity: 3-Major

Symptoms

Dataset of TLS fingerprints of clients of a site can consume significantly more space than needed.

Impact

Dataset is full, so it does not contain a full TLS fingerprints set. As result there is a risk of creating false-positive TLS signatures.

Conditions

-- BADOS with TLS signatures. -- AFM end user clients using the Mozilla Chrome browser.

Workaround

Turn off TLS signatures.

Fix Information

Dataset of TLS fingerprints contains unique TLC fingerprints regardless GREASE ciphers.

Behavior Change