Forum Discussion

siru_129409's avatar
siru_129409
Icon for Nimbostratus rankNimbostratus
Jun 03, 2015

Vulnerability - F5 BIG-IP COOKIE REMOTE INFORMATION DISCLOSURE

One of my client did a Penetration testing on their web application which is load balanced by the F5 LTM, the penetration tester found the following vulnerability on the F5

 

Can any one help me how can i remove this vulnerability. My F5 version is 11.5.1

 

Vulnerability Name

F5 BIG-IP COOKIE REMOTE INFORMATION DISCLOSURE

 

Descripiton

The remote load balancer suffers from an information disclosure vulnerability. The remote host appears to be an F5 BIG-IP load balancer. The load balancer encodes the IP address of the actual web server that it is acting on behalf of within a cookie. Additionally, information after 'BIGipServer' is configured by the user and may be the logical name of the device. These values may disclose sensitive information, such as internal IP addresses and names.

 

Request Detail Cookie : BIGipServerWpWeb-http=25615316712.29780.0000 IP : 192.168.X.10 Port : 80 Cookie : BIGipServerWpWeb-http=2600235796.20480.0000 IP 192.168.X.15 Port : 80

Any help will be highly appreciated...