Last Modified: Oct 16, 2023
Affected Product(s):
BIG-IP TMOS
Known Affected Versions:
13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 13.1.1.5, 14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4, 14.0.0.5, 14.0.1, 14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 15.0.0, 15.0.1, 15.0.1.1, 15.0.1.2, 15.0.1.3, 15.0.1.4
Fixed In:
15.1.0, 14.1.0.6, 14.0.1.1, 13.1.3
Opened: Feb 05, 2019 Severity: 2-Critical
IKE negotiation fails when an unrecognized notify payload type is seen in a message processed by IKEv2.
Negotiation fails with an aborted connection, preventing tunnel creation.
Receiving an IKE message that contains a notify payload whose numeric type value is unrecognized by IKEv2.
A peer can suppress notification payloads with advisory values that get rejected by IKEv2 within the BIG-IP system.
All unknown notify types are now logged and then ignored.