For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

f5mkuDefault's avatar
f5mkuDefault
Icon for Cirrus rankCirrus
Feb 26, 2021

3rd party vulnerability scan

Hi Experts,   I'd like to get some help with another issue.   We have this new 3rd party vendor that will be scanning the webservices hosted in LTM. The Big-IP also runs with ASM. We tested ...
application delivery
ASM Advanced WAF
LTM
VAscan
f5mkuDefault's avatar
f5mkuDefault
Icon for Cirrus rankCirrus
Mar 02, 2021

Hi Pete, sorry for late response. We actually tested again focused on 1 specific website and confirmed that the scanner is able to hit the main page of the website. However the scan will stop. Base from the ASM we see some events from scanner to VS hitting some page. It looks like the real server is the one causing some issues. Not too sure if its a permission issue. Any idea what we need to adjust on the real server end?

f5mkuDefault's avatar
f5mkuDefault
Icon for Cirrus rankCirrus
Mar 02, 2021

yes, the webservices works fine for the users, this is what we keep mentioning to the vendor, also in ASM event logs we can see ASM is recommending to block but the response is not accepted. means F5 don't accept the recommendation since we have whitelisted the scanner IP address. With or without the ASM is just the same, we suspect its on the webserver (real server) maybe some permission gets denied since scanner can hit the main page but subpages cannot.

 

we'll update this thread once it gets resolve. thank yiou