Forum Discussion

securityninja_2

Icon for Nimbostratus rank

Nimbostratus

Mar 19, 2017

ASM information leakage category attack type

Hi there,

Can anyone please explain why the following attached HTTP-request traffic categorized as "information Leakage" in ASM traffic log? Thanks

ASM Advanced WAF

2 Replies

KeesvandenBos
MVP
Mar 20, 2017
Based on your screenshot my wildest guess would be that your persistence cookie isn't encrypted and has the default name. (and that it is leaking the internal ip address and server port)

I can tell your internal server listens on port 443 and it's ip address end's with .152

The ASM could see this as information leaking.

Cheers,

Kees
KeesvandenBos
MVP
Mar 21, 2017
Sai,

If you enable cookie encryption on the cookie persistence profile, does this mitigate the information leaking?

Cheers,

Kees

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

Community Articles

application delivery

container ingress services

F5 Architecture Track Sessions - AppWorld 2026

DevCentral News

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5