Forum Discussion

Nimbostratus

Dec 09, 2020

Solved

F5 Device Administration/configuration - Vulnerabilities

Can someone help me to understand using self-signed certificate for BIGIP LTM box falls in non-compliant as long as our device will be accessed only by network administrators?

application delivery

BIG-IP

LTM

Lidev
Dec 09, 2020
Hi,
Using self-signed certificates can pose a number of challenges, severals attacks have successfully exploited self-signed certificates (MitM attack, Drye Banking Trojan etc.)
So, even if your device is only access by network administrators, it's not something to be advised (there's a risk if one of the admin account or admin access is compromised)

A good article on this topic : When are self-signed certificates acceptable?

Regards

Lidev

MVP

Dec 09, 2020

Hi,

Using self-signed certificates can pose a number of challenges, severals attacks have successfully exploited self-signed certificates (MitM attack, Drye Banking Trojan etc.)

So, even if your device is only access by network administrators, it's not something to be advised (there's a risk if one of the admin account or admin access is compromised)

A good article on this topic : When are self-signed certificates acceptable?

Regards

Forum Discussion

F5 Device Administration/configuration - Vulnerabilities

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5Access | MacOS Sonoma

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

Related Content

Reviewing vulnerability scanner results for an Access Policy Manager (APM) protected Virtual Server

OWASP Automated Threats - OAT-014 Vulnerability Scanning

Vulnerability CVE-2023-45648 in ApacheTomcat

Device Management

Reviewing vulnerability scanner results for an APM protected Virtual Server - part two