Last Modified: Sep 18, 2019
See more info
Known Affected Versions:
13.1.0, 18.104.22.168, 22.214.171.124, 126.96.36.199, 188.8.131.52, 184.108.40.206, 220.127.116.11, 18.104.22.168, 22.214.171.124, 13.1.1, 126.96.36.199, 188.8.131.52, 184.108.40.206, 14.0.0, 220.127.116.11, 18.104.22.168, 22.214.171.124, 126.96.36.199
14.1.0, 188.8.131.52, 184.108.40.206
Opened: Aug 06, 2018
In situation where multiple SSL forward proxies are connected via virtual targeting, the SNI value extracted from ClientHello and saved in 1st layer of SSL forward proxy may get overwritten by the 2nd layer of SSL forward proxy. When this happens, certification verification will fail when 1st layer of SSL forward proxy attempts to validate certificate.
Client traffic gets random reset.
Two SSL forward proxies connected via virtual command in iRule.
The search scope of storing parsed SNI is now local to each SSL forward proxy.