Forum Discussion

Nimbostratus

Mar 03, 2014

TLS Protocol Session Renegotiation Security Vulnerability Prevention

Hi Team, How to prevent TLS Protocol Session Renegotiation Security Vulnerability Issue ? We have LTM running on version 10x. Thanks and Regards Parveez

Parveez_70209

Nimbostratus

Mar 04, 2014

Hi,

As I shared that our Image is : BIG-IP 10.2.4 Build 817.0 Hotfix HF7 and as per the document shared by Kevin, ours should not be vulnerable as : TLS Protocol Session Renegotiation Security Vulnerability.

Seondly Cory, I tried by modifying : 'Secure Renegotiation' to either 'require' or 'require strict'( into SSL Client Profile). But it didn't helped, after scanning the same again, we got the same Vulnerability again.

Kindly suggest.

Thanks and Regards Parveez

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

TLS Protocol Session Renegotiation Security Vulnerability Prevention

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

How can I get started with iCall

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Related Content

SSL Legacy Renegotiation vs Secure Renegotiation Explained using Wireshark

SSL Profiles Part 6: SSL Renegotiation

OpenSSH vulnerability

Mitigating Log4j Vulnerability using F5 BIG-IP

BYOEDR, Undetectable backdoor, WhoFi, Cyberattack to airline, and Clickjacking vulnerability

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS