One of my client did a Penetration testing on their web application which is load balanced by the F5 LTM, the penetration tester found the following vulnerability on the F5
Can any one help me how can i remove this vulnerability.
My F5 version is 11.5.1
F5 BIG-IP COOKIE REMOTE INFORMATION DISCLOSURE
The remote load balancer suffers from an information disclosure vulnerability.
The remote host appears to be an F5 BIG-IP load balancer. The load balancer encodes the IP address of the
actual web server that it is acting on behalf of within a cookie. Additionally, information after 'BIGipServer'
is configured by the user and may be the logical name of the device. These values may disclose sensitive
information, such as internal IP addresses and names.
Any help will be highly appreciated...
F5 LTM are sending session cookies in clear ( default behaviour )
modify the http profile for Virtual Server that use cookie persistence and use the encrypt cookie option
Ref: sol14784: Configuring BIG-IP cookie encryption (10.x - 11.x)
Yes its Working...:)
thanks for your support..