Forum Discussion

OTS02's avatar
Icon for Cirrus rankCirrus
Jul 22, 2020

CVE 2020-5902 Point Release with VS Client Authentication

Just upgraded LTMs from version to Build 0.0.10 Point Release 2.

Have VSs that request Client Authentication, and an iRule that loops through the client certs, and scrutinizes the certificates.

The Point Release delivers the client certificates in a different format than version This caused the iRule to reject the certificates.

So if you have a VS that request and examines client certificates, and are going to install a version that fixes CVE 2020-5902, please be aware that you may have to edit you iRule to look for a slightly different format.