What is the severity of F5-K000132686?

F5-K000132686 is classified as a medium severity vulnerability due to the potential for a Triple Handshake Attack.

How do I fix F5-K000132686?

To mitigate F5-K000132686, upgrade to the specified versions that include the Extended Master Secret extension.

Which products are affected by F5-K000132686?

F5-K000132686 affects multiple versions of F5 BIG-IP, BIG-IQ Centralized Management, and F5OS products.

Can F5-K000132686 be exploited remotely?

Yes, F5-K000132686 can be exploited remotely if the vulnerable TLS protocol is in use.

What is the main weakness in F5-K000132686?

The main weakness in F5-K000132686 is a flaw in master secret negotiation in the original TLS protocol.

Vulnerability/
F5-K000132686

medium

4.2

28/2/2023

3/3/2025

F5-K000132686

First published: Tue Feb 28 2023(Updated: )

The original TLS protocol includes a weakness in master secret negotiation, potentially allowing the Triple Handshake Attack that is mitigated by the Extended Master Secret (EMS) extension defined in RFC 7627.

Affected Software	Affected Version	How to fix
F5 BIG-IP and BIG-IQ Centralized Management	>=17.0.0<=17.1.2	17.5.0
F5 BIG-IP and BIG-IQ Centralized Management	>=16.1.0<=16.1.5
F5 BIG-IP and BIG-IQ Centralized Management	>=15.1.0<=15.1.10
F5 BIG-IP and BIG-IQ Centralized Management	>=14.1.0<=14.1.5
F5 BIG-IP and BIG-IQ Centralized Management	>=13.1.0<=13.1.5
F5 BIG-IP and BIG-IQ Centralized Management	>=8.0.0<=8.3.0
F5 BIG-IP and BIG-IQ Centralized Management	=7.1.0
F5 F5OS	>=1.3.0<=1.3.2
F5 F5OS	>=1.5.0<=1.5.1>=1.3.0<=1.3.2
F5 Traffix Systems Signaling Delivery Controller	=5.1.0	5.2.0

Never miss a vulnerability like this again

Reference Links

https://my.f5.com/manage/s/article/K000132686

Frequently Asked Questions

What is the severity of F5-K000132686?
F5-K000132686 is classified as a medium severity vulnerability due to the potential for a Triple Handshake Attack.
How do I fix F5-K000132686?
To mitigate F5-K000132686, upgrade to the specified versions that include the Extended Master Secret extension.
Which products are affected by F5-K000132686?
F5-K000132686 affects multiple versions of F5 BIG-IP, BIG-IQ Centralized Management, and F5OS products.
Can F5-K000132686 be exploited remotely?
Yes, F5-K000132686 can be exploited remotely if the vulnerable TLS protocol is in use.
What is the main weakness in F5-K000132686?
The main weakness in F5-K000132686 is a flaw in master secret negotiation in the original TLS protocol.

agent/last-modified-date
agent/references
agent/severity
agent/source
agent/type
agent/description
agent/first-publish-date
agent/softwarecombine
agent/event
agent/tags
collector/f5-advisory
source/F5
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/f5
canonical/f5 big-ip and big-iq centralized management
version/f5 big-ip and big-iq centralized management/17.0.0
version/f5 big-ip and big-iq centralized management/17.1.2
version/f5 big-ip and big-iq centralized management/16.1.0
version/f5 big-ip and big-iq centralized management/16.1.5
version/f5 big-ip and big-iq centralized management/15.1.0
version/f5 big-ip and big-iq centralized management/15.1.10
version/f5 big-ip and big-iq centralized management/14.1.0
version/f5 big-ip and big-iq centralized management/14.1.5
version/f5 big-ip and big-iq centralized management/13.1.0
version/f5 big-ip and big-iq centralized management/13.1.5
version/f5 big-ip and big-iq centralized management/8.0.0
version/f5 big-ip and big-iq centralized management/8.3.0
version/f5 big-ip and big-iq centralized management/7.1.0
canonical/f5 f5os
version/f5 f5os/1.3.0
version/f5 f5os/1.3.2
version/f5 f5os/1.5.0
version/f5 f5os/1.5.1
canonical/f5 traffix systems signaling delivery controller
version/f5 traffix systems signaling delivery controller/5.1.0