Last Modified: Nov 07, 2022
Affected Product:
See more info
BIG-IP LTM
Known Affected Versions:
14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 14.1.2.5, 14.1.2.6, 15.0.0, 15.0.1, 15.0.1.1, 15.0.1.2, 15.0.1.3, 15.0.1.4
Fixed In:
15.1.0, 14.1.2.7
Opened: Jul 03, 2019
Severity: 3-Major
The last provided cipher suite in the list is chosen if HTTP/2 is negotiated and not matched.
The least-secure cipher suite would be selected.
-- HTTP/2 negotiation is enabled. -- The provided cipher suites are not matched.
Put the most secure cipher suite in the end of the list.
Now the most secure cipher suite is selected regardless of the order in the list.