Forum Discussion

Nimbostratus

Mar 30, 2021

Cookie Does Not Contain The "secure" Attribute on ltm vip

Our security team reported that multiple vulnerabilities has been detected on one of VIP: 1.2.3.4 (on BIG-IP LTM v12.1.2 version.) Please refer the list as below 1.Cookie Does Not Contain The...

application delivery

ASM Advanced WAF

F5 Distributed Cloud WAAP

MVP

Mar 31, 2021

Indeed, if you don't use the ASM module, you have to check this on the backend server, look at the configured Set-Cookie header (Secure; HttpOnly).

https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies

Regards

Recent Discussions

Client SSL Profile set to Require Client Certificate breaks RDP in APM
Nov 21, 2024
ZakJ96
TS Declarations for DNS
Nov 21, 2024
Bryan_T_
APM file and registry key date check 8 days old
Nov 21, 2024
Fabrizio66
SSL bridging without SSL proxy forward
Nov 21, 2024
maciek
Should config via cli rather than gui?
Nov 21, 2024
Herman2024

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Cookie Does Not Contain The "secure" Attribute on ltm vip

Recent Discussions

Client SSL Profile set to Require Client Certificate breaks RDP in APM

TS Declarations for DNS

APM file and registry key date check 8 days old

SSL bridging without SSL proxy forward

Should config via cli rather than gui?

Related Content

F5 Partner Solution Showcase - "ImmuniWeb - Application Security Testing and Remediation"

How I did it - "Securing Nvidia Triton Inference Server with NGINX Plus Ingress Controller”

LockBit, Pwc2Own, AI, "Othello is solved" Oct30th to Nov5th, 2023 F5 SIRT This Week in Security

Missing TABs in "Application Security" BIG-IP 17.1.1.3 - BIG-IP 15.1.7

Add SameSite attribute to APM Cookies

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS