Forum Discussion

R_Marc_77962's avatar
R_Marc_77962
Icon for Nimbostratus rankNimbostratus
Mar 31, 2015

ASM Cookie Hijacking

I have an app co-prossessing to two datacenters.

 

In DC1, I'm running 11.4.1 HF3 In DC2, I'm running 11.6 HF3

 

One other difference is in DC2 I've enabled secure ASM cookies.

 

In DC2 I get a lot of: ASM Cookie Hijacking In DC1 I get none of that, it's pretty clean.

 

Otherwise they have identicle configurations (I explicitly exported the ASM policy out of DC1 and imported into into DC2).

 

I think these are false positives, but the only solution article I came accross doesn't apply. Anyone have a suggestion, or is there some other information that would be helpful to come to a conclusion?

 

ASM Advanced WAF
security

1 Reply

  • Arnaud_Lemaire's avatar
    Arnaud_Lemaire
    Icon for Employee rankEmployee
    Apr 13, 2015

    Are you in a active/active scenario ? it could be that valid user attached in DC1 is at some point routed to DC2 and ASM detect a TS cookie he didn't generated ?