http2MaxRxResetFramesPerMin of nshttp_default_internal_apps can be set 0 on 13.0 Build 92.21.

http2MaxRxResetFramesPerMin can be set 0 on 13.0 Build 92.21 in the following situation. - HA pair's Secondary. - Running clear config. nshttpdefaultinternalapps is not binded as default and also not enabled HTTP2 option, so it's very unlikely to be affected...

How to change NSIP's and SNIP of the Citrix ADC which is configured in HA pair

Citrix ADC 13.1 - ADC is down after changing the NSIP and removing one of the interface on the ADC and binding other interface with different VLAN configurations...

K45320419: TMM with HTTP/2 vulnerability CVE-2018-5514

Security Advisory Description Maliciously crafted HTTP/2 request frames can lead to denial of service. There is data plane exposure for virtual servers when the HTTP2 profile is enabled. There is no control plane exposure to this issue. CVE-2018-5514 Impact The BIG-IP system may temporarily fail ...

K12044607: TMM vulnerability CVE-2017-6132

Security Advisory Description In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 13.0.0, 12.0.0 to 12.1.2, 11.6.0 to 11.6.1 and 11.5.0 - 11.5.4, an undisclosed sequence of packets sent to BIG-IP High Availability state mirror listeners...

Design/Logic Flaw

On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0-12.1.5.1, BIG-IP systems set up for connection mirroring in a high availability HA pair transfer sensitive cryptographic objects over an insecure communications channel. This is a control plane issue which is exposed only o...

CVE-2020-5885

CVE-2020-5885 affects F5 BIG-IP in HA connection mirroring setups. A control plane issue allows on-path attackers to read/modify keys used for EXPORT-based cipher suites by transferring sensitive cryptographic objects over an insecure channel. Affected versions and fixes per vendor advisories: BI...

CVE-2020-5884

CVE-2020-5884 affects BIG-IP high availability (HA) state/connection mirroring. The advisory lists vulnerable branches and versions: 15.0.0–15.1.0.3, 14.1.0–14.1.2.4, 13.1.0–13.1.3.3, 12.1.0–12.1.5.1, and 11.6.1–11.6.5.1. The issue is a control plane weakness in the default mirroring deployment m...

F5 Networks BIG-IP : TMM vulnerability (K46940010)

A malformed Transport Layer Security TLS handshake causes the Traffic Management Microkernel TMM to stop responding, leading to a disruption of service. This issue is only exposed on the data plane when a Proxy SSL configuration is enabled. The control plane is not impacted by this issue...