Forum Discussion

Cirrus

May 01, 2020

Cookie Encyrption Question - I'm confused

Recently we were notified by our Security team that the F5 cookies were not secure and needed to be adjusted. F5 BIG-IP Cookie Remote Information Disclosure (20089) (Tenable scan) I sta...

MVP

May 03, 2020

if you read the Tenable article:

https://www.tenable.com/plugins/nessus/20089

then it does seem to indicate this is about the persistence cookie, so it is weird you say persistence isn't used.

can the security team perhaps show some "proof" about which cookie and for which virtual server this is?

if it is about the F5 cookie, then you don't have to change anything on the http profile, as that is for the backend server cookies.

Forum Discussion

Cookie Encyrption Question - I'm confused

Recent Discussions

Cannot login to Avaya wanx using f5 apm network access

Hi All, We have viprion 4300 with 4450 blades with 6 blades all blades having same configuration

Can iRule be used to perform exception of IPI category based on Geolocation

BWC iRule

Citrix XenServer Big-IP Upgrade help

Related Content

AS3 TLS_Client VS TLS_Server Schema confusion

Health monitor question

Cache Confusion

F5 Connection Mirroring question

Novice Question - irules