Intrusion PreventionF5.BIG.IP.SSL.Session.Tickets.Information.Disclosure
Description
This indicates an attack attempt against an Information Disclosure vulnerability in BIG-IP virtual server.
The vulnerability is due to insufficient input validation in the application when handling a crafted SSL Client Hello. A remote attacker can exploit this to gain unauthorized access to sensitive information via a crafted SSL packet.
Affected Products
F5 Networks BIG-IP AAM 12.0.0 - 12.1.2
F5 Networks BIG-IP AAM 11.4.0 - 11.6.1
F5 Networks BIG-IP AFM 12.0.0 - 12.1.2
F5 Networks BIG-IP AFM 11.4.0 - 11.6.1
F5 Networks BIG-IP Analytics 12.0.0 - 12.1.2
F5 Networks BIG-IP Analytics 11.4.0 - 11.6.1
F5 Networks BIG-IP APM 11.4.0 - 11.6.1
F5 Networks BIG-IP APM 12.0.0 - 12.1.2
F5 Networks BIG-IP ASM 11.4.0 - 11.6.1
F5 Networks BIG-IP ASM 12.0.0 - 12.1.2
F5 Networks BIG-IP Link Controller 11.4.0 - 11.6.1
F5 Networks BIG-IP Link Controller 12.0.0 - 12.1.2
F5 Networks BIG-IP LTM 11.4.0 - 11.6.1
F5 Networks BIG-IP LTM 12.0.0 - 12.1.2
F5 Networks BIG-IP PEM 11.4.0 - 11.4.1
F5 Networks BIG-IP PEM 12.0.0 - 12.1.2
F5 Networks BIG-IP PSM 11.4.0 - 11.6.1
F5 Networks BIG-IP PSM 12.0.0. - 12.1.2
Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.
Recommended Actions
Refer to the vendor's web site for suggested workaround.
https://support.f5.com/csp/article/K05121675
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
| ID | 43828 |
| Created | Mar 28, 2017 |
| Updated | Nov 15, 2021 |
| Risk |
|
| CVE ID | CVE-2016-9244 |
| Exploit Prediction Score | 95.73% |
| Default Action | drop |
| Active | |
| Affected OS | Linux |
| Affected App | Other |