F5 BIG-IP - SLOTH: TLS 1.2 handshake vulnerability CVE-2015-7575

The remote host is missing a security patch.

A flaw was found in the way TLS 1.2 uses RSA+MD5 signatures with Client Authentication and ServerKeyExchange messages during a TLS 1.2 handshakes. An attacker with a Man-in-the-Middle network position and the ability to force / observe the use of RSA+MD5 during a TLS Handshake, may be able to successfully generate a hash collision and impersonate a TLS client or server. The vulnerability of CVE-2015-7575 is relevant to cryptography software which supports TLS 1.2 only as earlier versions of TLS used different hash functionality in those protocols.

Checks if a vulnerable version is present on the target host.

See the referenced vendor advisory for a solution.