Bug ID 965713: Impact of Microsoft Patch for CVE-2020-1472 on BIG-IP NTLM Front End Authentication

Last Modified: May 07, 2021

Bug Tracker

Affected Product:  See more info
BIG-IP APM(all modules)

Opened: Nov 19, 2020
Severity: 4-Minor


BIG-IP uses the nlad process to establish the communication channels to the Domain Controller for NTLM authentication, using the Netlogon RPC standard. Microsoft patch for CVE-2020-1472 addresses a vulnerability in the Netlogon RPC which is rolled out in two phases. Please refer below external references published by Microsoft on this CVE. 1) https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-1472 2) https://support.microsoft.com/en-us/help/4557222/how-to-manage-the-changes-in-netlogon-secure-channel-connections-assoc


BIG-IP NTLM front end authentication uses secure Netlogon RPC to communicate with Domain Controller, by default. So BIG-IP should not be impacted when the MS patch for CVE-2020-1472 is enforced.


BIG-IP is configured for NTLM Front end authentication


Not affected so no workaround or mitigation required.

Fix Information


Behavior Change