5 matches found
K000132686: TLS Triple Handshake Attack vulnerability
Security Advisory Description The original TLS protocol includes a weakness in master secret negotiation, potentially allowing the Triple Handshake Attack that is mitigated by the Extended Master Secret EMS extension defined in RFC 7627. Impact This vulnerability may allow an unauthenticated...
K09121542: BIG-IP SSL/TLS vulnerability CVE-2021-22981
Security Advisory Description The original TLS protocol includes a weakness in the master secret negotiation that is mitigated by the Extended Master Secret EMS extension defined in RFC 7627. TLS connections that do not use EMS are vulnerable to man-in-the-middle attacks during renegotiation...
CVE-2021-22981
On all versions of BIG-IP 12.1.x and 11.6.x, the original TLS protocol includes a weakness in the master secret negotiation that is mitigated by the Extended Master Secret EMS extension defined in RFC 7627. TLS connections that do not use EMS are vulnerable to man-in-the-middle attacks during...
CVE-2021-22981
CVE-2021-22981 affects BIG-IP (LTM, AAM, and other modules) on 12.1.x and 11.6.x where TLS renegotiation can be exploited if EMS (RFC 7627) is not used; this enables man‑in‑the‑middle attacks via the master-secret negotiation (Triple Handshake). The issue is caused by the original TLS protocol la...
October 8, 2019—KB4519990 (Security-only update)
October 8, 2019—KB4519990 Security-only update Improvements and fixes This security update includes quality improvements. Key changes include: Security updates to Windows Cryptography, Windows Authentication, Windows Kernel, Windows Storage and Filesystems, Microsoft JET Database Engine, Internet...