Forum Discussion
Muhannad
Cirrus
CirrusAn Application ASP.Net vulnerability.
Dear Experts, I need help in the following issue for one of our clients: it seems that some of the WEB servers are infected with CVE-2017-9248 vulnerability which allow hackers to remote attack...
JG
Cumulonimbus
CumulonimbusIt is a cryptographic weakness inherent in the application. Telerik's solutions is either to patch/upgrade or disable certain functionality (a handler) within the application (See: https://www.telerik.com/support/kb/aspnet-ajax/details/cryptographic-weakness).
It seems that neither could be done in your situation from the fact that you were asked to provide a solution on F5.
One way of mitigating the situation is to enforce user authentication for the application on the F5, preferably with the use of APM. That way you would have a way of controlling the access at least.
MuhannadCirrus
CirrusThank you.
