CVSS2: 4.3 Medium
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
EPSS: 0.008 Low
EPSS Percentile: 79.0%
If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in that column, then no upgrade candidate currently exists.
F5 is responding to this vulnerability as determined by the parameters defined in SOL4602: Overview of the F5 security vulnerability response policy.
Vulnerability Recommended Actions
BIG-IP
This vulnerability is exploited on the client-browser side of an SSL connection to either a virtual server or the Configuration utility: the attack targets CBC-mode cipher suites negotiated under SSL 3.0 or TLS 1.0 (the BEAST attack referenced in the supplemental links), which is why the mitigations below either move clients to TLS 1.1 or TLS 1.2 or limit them to the RC4-SHA stream cipher. In the case of client-browser access to a virtual server, the vulnerability is exploitable without any access to the server, and the attack does not depend on sending malicious packets to the BIG-IP system. The following mitigations for this vulnerability are available for SSL profiles and the Configuration utility:
SSL Profiles
Mitigation of this vulnerability is possible for virtual servers using an SSL profile by performing one of the following procedures:
Configuring the SSL profile to use only TLS 1.1 or TLS 1.2 compatible, or RC4-SHA ciphers
Configuring the SSL profile to use only RC4-SHA ciphers
Configuration utility
Mitigation of this vulnerability is possible for the Configuration utility by performing one of the following procedures:
Restricting the Configuration utility to use only TLS 1.2 compatible or RC4-SHA ciphers
Restricting the Configuration utility to use only RC4-SHA ciphers
Configuring the SSL profile to use only TLS 1.1-compatible ciphers, TLS 1.2-compatible ciphers, or RC4-SHA ciphers
Note: Support for TLS 1.2 was introduced in BIG-IP 10.2.3 and 11.0.0.
For BIG-IP 10.2.4 and 11.x, you can mitigate this vulnerability for an SSL virtual server by configuring the SSL profile to use only TLS 1.1-compatible ciphers, TLS 1.2-compatible ciphers, or RC4-SHA ciphers. For information about configuring the ciphers used by an SSL profile, refer to SOL13171 (11.x) and SOL7815 (9.x - 10.x), listed under Supplemental Information.
For example, to configure an SSL profile to use only TLS 1.1-compatible ciphers, TLS 1.2-compatible ciphers, or RC4-SHA ciphers, create or modify an SSL profile with one of the following cipher strings:
Note: This workaround cannot be applied to BIG-IP 10.2.3. For more information, refer to SOL13543: The BIG-IP SSL profiles may not allow cipher strings containing AES128, AES256, or TLS1.2.
Impact of workaround: An SSL virtual server that uses this SSL profile will negotiate only TLS 1.1-compatible ciphers, TLS 1.2-compatible ciphers, or RC4-SHA ciphers. Client browser support for TLS 1.1 and TLS 1.2 is limited; clients that do not support TLS 1.1 or 1.2 either cannot connect or connect using an RC4-SHA cipher. RC4 ciphers are not FIPS compliant, and RC4 has since been shown to be cryptographically weak (RFC 7465 prohibits its use in TLS), so treat the RC4-SHA fallback as a temporary accommodation for legacy clients rather than a long-term configuration.
Important: Many client browsers do not support TLS 1.2.
For example, the following string configures an SSL profile to use only TLS 1.1-compatible and TLS 1.2-compatible ciphers (the ! operator removes SSL 3.0 and TLS 1.0 permanently, so no later rule can add ciphers back for those versions):
DEFAULT:!SSLv3:!TLSv1
If you want the SSL profile to also support TLS 1.0 and SSL 3.0 clients, with RC4-SHA as the only cipher available to them, use the following string (the - operator removes SSL 3.0 and TLS 1.0 ciphers, and the trailing RC4-SHA rule adds that single cipher back):
DEFAULT:-SSLv3:-TLSv1:RC4-SHA
If you want the SSL profile to support TLS 1.0 clients, but not SSL 3.0 clients, use the following string:
DEFAULT:!SSLv3:-TLSv1:RC4-SHA
You must now associate the SSL profile with the virtual server.
Alternatively, to configure an SSL profile to use only TLS 1.1-compatible and TLS 1.2-compatible ciphers using the tmsh utility, use the following syntax:
tmsh create /ltm profile client-ssl <name> ciphers DEFAULT:!SSLv3:!TLSv1
Similarly, if you want the SSL profile to support TLS 1.0 and SSL 3.0 clients, you can configure an SSL profile using the following tmsh command syntax:
tmsh create /ltm profile client-ssl <name> ciphers DEFAULT:-SSLv3:-TLSv1:RC4-SHA
And if you want the SSL profile to support TLS 1.0, but not SSL 3.0 clients, you can configure an SSL profile using the following tmsh command syntax:
tmsh create /ltm profile client-ssl <name> ciphers DEFAULT:!SSLv3:-TLSv1:RC4-SHA
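The three cipher strings above differ only in whether SSL 3.0 and TLS 1.0 are removed with ! (permanent) or with - (removed, but a later rule such as RC4-SHA can add ciphers back for those versions). The following Python model is an added example, not F5 code, that applies those rules to a constructed, deliberately short stand-in for the DEFAULT list so the three strings can be compared side by side. The catalog, the contents of DEFAULT and the CBC flags are assumptions made for illustration (the real DEFAULT contents are in SOL13156 and SOL10262); the model treats a version keyword as selecting every cipher usable under that protocol version, which is the behaviour the strings above rely on.

```python
# Added example (not F5 code): a model of the SSL-profile cipher-string rules
# used in the procedure above, so the DEFAULT:... strings can be compared.
# Assumptions: CATALOG and DEFAULT are a constructed stand-in for the real
# DEFAULT expansion on a BIG-IP; '!' removes pairs permanently and '-' removes
# them until a later rule adds them back (the OpenSSL-style semantics the
# strings above depend on).

VERSIONS = ("SSLv3", "TLSv1", "TLSv1_1", "TLSv1_2")

# cipher name -> (uses CBC mode, protocol versions it can be negotiated under)
CATALOG = {
    "AES256-SHA":        (True,  ("SSLv3", "TLSv1", "TLSv1_1", "TLSv1_2")),
    "AES128-SHA":        (True,  ("SSLv3", "TLSv1", "TLSv1_1", "TLSv1_2")),
    "DES-CBC3-SHA":      (True,  ("SSLv3", "TLSv1", "TLSv1_1", "TLSv1_2")),
    "RC4-SHA":           (False, ("SSLv3", "TLSv1", "TLSv1_1", "TLSv1_2")),
    "AES128-SHA256":     (True,  ("TLSv1_2",)),
    "AES128-GCM-SHA256": (False, ("TLSv1_2",)),
}
# Constructed stand-in for what the DEFAULT keyword expands to: every catalog
# cipher, in catalog order.
DEFAULT = list(CATALOG)


def _expand(name):
    """Return the (cipher, version) pairs a single rule word refers to."""
    if name == "DEFAULT":
        return [(c, v) for c in DEFAULT for v in CATALOG[c][1]]
    if name in VERSIONS:
        return [(c, name) for c in CATALOG if name in CATALOG[c][1]]
    if name in CATALOG:
        return [(name, v) for v in CATALOG[name][1]]
    raise ValueError(f"unknown cipher-string word: {name}")


def evaluate(cipher_string):
    """Apply the rules left to right; return {version: [ciphers offered]}."""
    enabled = []      # ordered (cipher, version) pairs currently offered
    killed = set()    # pairs removed with '!': later rules cannot add them back
    for word in cipher_string.split(":"):
        if not word:
            continue
        op, name = (word[0], word[1:]) if word[0] in "!-" else ("", word)
        pairs = _expand(name)
        if op == "!":
            killed.update(pairs)
            enabled = [p for p in enabled if p not in killed]
        elif op == "-":
            enabled = [p for p in enabled if p not in pairs]
        else:
            for p in pairs:
                if p not in killed and p not in enabled:
                    enabled.append(p)
    return {v: [c for c, cv in enabled if cv == v] for v in VERSIONS}


def beast_exposure(cipher_string):
    """(version, cipher) pairs where a CBC cipher is still offered under
    SSL 3.0 or TLS 1.0: the combinations the mitigation is meant to remove."""
    offered = evaluate(cipher_string)
    return [(v, c) for v in ("SSLv3", "TLSv1") for c in offered[v] if CATALOG[c][0]]


if __name__ == "__main__":
    for s in ("DEFAULT",
              "DEFAULT:!SSLv3:!TLSv1",
              "DEFAULT:-SSLv3:-TLSv1:RC4-SHA",
              "DEFAULT:!SSLv3:-TLSv1:RC4-SHA",
              "RC4-SHA"):
        print(s)
        for v, ciphers in evaluate(s).items():
            print(f"  {v:8} {', '.join(ciphers) or '(none)'}")
        print("  exposed:", beast_exposure(s) or "none")
```

Running the script prints, for each string, the ciphers offered per protocol version and the CBC-under-SSL-3.0/TLS-1.0 combinations that remain; beast_exposure returns an empty list for each of the three mitigated strings and a non-empty one for plain DEFAULT. The model also shows why the operator matters: DEFAULT:-TLSv1:AES128-SHA silently re-enables a CBC cipher for TLS 1.0 clients, whereas DEFAULT:!TLSv1:AES128-SHA does not. On a real BIG-IP, compare the model's output with tmsh list /ltm profile client-ssl <name> and the platform cipher lists in SOL13163 or SOL11444.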
Configuring the SSL profile to use only the RC4-SHA cipher
For BIG-IP versions that do not support TLS 1.1 or 1.2, you can mitigate this vulnerability for an SSL virtual server by configuring the SSL profile to use only RC4-SHA ciphers. For example, to configure an SSL profile to use only RC4-SHA ciphers, create or modify an SSL profile with the following cipher string:
Impact of workaround: Only RC4-SHA ciphers are allowed. Limiting the ciphers supported by the SSL profile may result in clients being unable to establish an SSL connection, and RC4 ciphers are not FIPS compliant.
For example, the following string configures an SSL profile to use only RC4-SHA ciphers:
RC4-SHA
You must now associate the SSL profile with the virtual server.
Note: Alternatively, to configure an SSL profile to use only RC4-SHA ciphers using the tmsh utility, use the following syntax:
tmsh create /ltm profile client-ssl <name> ciphers RC4-SHA
Restricting the Configuration utility to use only TLS 1.2 compatible or RC4-SHA ciphers
Note: Support for TLS 1.2 in the Configuration utility was introduced in BIG-IP 11.5.0.
For BIG-IP 11.5.0 and later, you can mitigate this vulnerability for the Configuration utility by restricting the utility to use only TLS 1.2-compatible ciphers or RC4-SHA ciphers. For example, to restrict the utility to use only TLS 1.2-compatible ciphers or RC4-SHA ciphers, perform the following procedure from the command line:
Note: Feature enhancements allowing the use of this procedure have also been included in the following software versions: 11.4.1 HF6, 11.4.0 HF9, 11.2.1 HF13, and 10.2.4 HF10.
Impact of workaround: The Configuration utility will use only TLS 1.2-compatible ciphers or RC4-SHA ciphers. Client browser support for TLS 1.2 is limited; clients that do not support TLS 1.2 either cannot connect or connect using an RC4-SHA cipher.
Important: Many client browsers do not support TLS 1.2.
Log in to the command line and start the tmsh utility by typing the following command:
tmsh
Display the cipher string currently used by the Configuration utility by typing the following command:
list /sys httpd ssl-ciphersuite
For example, the BIG-IP 11.5.1 system displays the following cipher string:
ALL:!ADH:!EXPORT:!eNULL:!MD5:!DES:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2
To restrict the Configuration utility to TLS 1.2-compatible ciphers or RC4-SHA, type the following command:
modify /sys httpd ssl-ciphersuite 'ALL:!ADH:!EXPORT:!eNULL:!MD5:!DES:!SSLv2:-TLSv1:-SSLv3:RC4-SHA'
Alternatively, if you can restrict the Configuration utility to only TLS 1.1-compatible and TLS 1.2-compatible ciphers, type the following command instead:
modify /sys httpd ssl-ciphersuite 'ALL:!ADH:!EXPORT:!eNULL:!MD5:!DES:!SSLv2:!SSLv3:!TLSv1'
Save the change by typing the following command:
save /sys config
Because the Configuration utility's httpd evaluates this string with OpenSSL, you can preview the resulting cipher list on any host that has OpenSSL by running openssl ciphers -v followed by the quoted string, and confirm that no CBC-mode cipher remains selectable under SSLv3 or TLSv1 before you save the configuration.
Restricting the Configuration utility to use only RC4-SHA ciphers
For BIG-IP versions that do not support TLS 1.2, you can mitigate this vulnerability for the Configuration utility by restricting the utility to use only RC4-SHA ciphers. For example, to restrict the utility to use only RC4-SHA ciphers, perform the following procedure from the command line:
Impact of workaround: Only RC4-SHA ciphers are allowed. Limiting the ciphers supported by the Configuration utility may result in clients being unable to connect.
Log in to the command line and start the tmsh utility by typing the following command:
tmsh
Display the cipher string currently used by the Configuration utility by typing the following command:
list /sys httpd ssl-ciphersuite
For example, the BIG-IP 11.5.1 system displays the following cipher string:
ALL:!ADH:!EXPORT:!eNULL:!MD5:!DES:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2
To restrict the Configuration utility to only RC4-SHA ciphers, type the following command:
modify /sys httpd ssl-ciphersuite 'RC4-SHA'
Save the change by typing the following command:
save /sys config
FirePass
Enterprise Manager
ARX
Supplemental Information
SOL8802: Using SSL ciphers with BIG-IP Client SSL and Server SSL profiles (support.f5.com/kb/en-us/solutions/public/8000/800/sol8802.html)
SOL13171: Configuring the cipher strength for SSL profiles (11.x) (support.f5.com/kb/en-us/solutions/public/13000/100/sol13171.html)
SOL7815: Configuring the cipher strength for SSL profiles (9.x - 10.x) (support.f5.com/kb/en-us/solutions/public/7000/800/sol7815.html)
SOL13405: Restricting Configuration utility access to clients using high encryption SSL ciphers (11.x) (support.f5.com/kb/en-us/solutions/public/13000/400/sol13405.html)
SOL13309: Restricting access to the Configuration utility by source IP address (11.x) (support.f5.com/kb/en-us/solutions/public/13000/300/sol13309.html)
SOL13163: SSL ciphers supported on BIG-IP platforms (11.x) (support.f5.com/kb/en-us/solutions/public/13000/100/sol13163.html)
SOL11444: SSL ciphers supported on BIG-IP platforms (10.x) (support.f5.com/kb/en-us/solutions/public/11000/400/sol11444.html)
SOL13156: SSL ciphers used in the default SSL profiles (11.x) (support.f5.com/kb/en-us/solutions/public/13000/100/sol13156.html)
SOL10262: SSL ciphers used in the default SSL profiles (10.x) (support.f5.com/kb/en-us/solutions/public/10000/200/sol10262.html)
SOL9677: BIG-IP LTM compliance with standard FIPS-197 (support.f5.com/kb/en-us/solutions/public/9000/600/sol9677.html)
SOL9970: Subscribing to email notifications regarding F5 products (support.f5.com/kb/en-us/solutions/public/9000/900/sol9970.html)
SOL9957: Creating a custom RSS feed to view new and updated documents (support.f5.com/kb/en-us/solutions/public/9000/900/sol9957.html)
Note: The following link takes you to a resource outside of AskF5, and it is possible that the document may be removed without our knowledge.
vnhacker.blogspot.com/2011/09/beast.html
Note: For more information about various TLS protocol level attacks and F5 recommendations for mitigating the attacks, refer to the following DevCentral article:
https://devcentral.f5.com/articles/which-tls-algorithm-should-i-use#.UiZGfF3n-Ul