F5.BIG.IP.SSL.Session.Tickets.Information.Disclosure
Description
This indicates an attack attempt against an Information Disclosure vulnerability in BIG-IP virtual server.
The vulnerability is due to insufficient input validation in the application when handling a crafted SSL Client Hello. A remote attacker can exploit this to gain unauthorized access to sensitive information via a crafted SSL packet.
Affected Products
F5 Networks BIG-IP AAM 12.0.0 - 12.1.2
F5 Networks BIG-IP AAM 11.4.0 - 11.6.1
F5 Networks BIG-IP AFM 12.0.0 - 12.1.2
F5 Networks BIG-IP AFM 11.4.0 - 11.6.1
F5 Networks BIG-IP Analytics 12.0.0 - 12.1.2
F5 Networks BIG-IP Analytics 11.4.0 - 11.6.1
F5 Networks BIG-IP APM 11.4.0 - 11.6.1
F5 Networks BIG-IP APM 12.0.0 - 12.1.2
F5 Networks BIG-IP ASM 11.4.0 - 11.6.1
F5 Networks BIG-IP ASM 12.0.0 - 12.1.2
F5 Networks BIG-IP Link Controller 11.4.0 - 11.6.1
F5 Networks BIG-IP Link Controller 12.0.0 - 12.1.2
F5 Networks BIG-IP LTM 11.4.0 - 11.6.1
F5 Networks BIG-IP LTM 12.0.0 - 12.1.2
F5 Networks BIG-IP PEM 11.4.0 - 11.4.1
F5 Networks BIG-IP PEM 12.0.0 - 12.1.2
F5 Networks BIG-IP PSM 11.4.0 - 11.6.1
F5 Networks BIG-IP PSM 12.0.0. - 12.1.2
Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.
Recommended Actions
Refer to the vendor's web site for suggested workaround.
https://support.f5.com/csp/article/K05121675
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |