F5 BIG-IP TMM ClientSSL Profile Denial of Service Vulnerability

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A denial of service vulnerability exists in the F5 BIG-IP TMM ClientSSL profile, which stems from the vulnerability when the...

SOL13607 - Hosts may generate weak RSA keys under low entropy conditions

A recent study, linked in the Supplemental Information section, has revealed that when a system generates new RSA keys under low-entropy conditions, such as during the first system boot, the resulting keys may not be cryptographically strong. During its first boot, the BIG-IP system generates...

SOL4944 - SSL decryption vulnerabilities - CR47778, CR48873, CR53987, CR54002

Workaround If upgrading is not an immediate option, you can prevent exploitation of these vulnerabilities temporarily by disabling NATIVE ciphers on any clientssl or serverssl profiles that require or request authentication. To do so, add :!NATIVE to the profiles' ciphers option available in the...