For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Chris_Paulraj_1's avatar
Chris_Paulraj_1
Icon for Nimbostratus rankNimbostratus
Jan 20, 2009

Could someone shed light on "Modified Domain Cookie" violations?

I need some help in understanding the modified cookie domain violation. Does ASM report it when a cookie gets modified at the client side (browser)? and does it also report when a cookie gets updated ...
app sec
BIG-IP Access Policy Manager (APM)
security
hoolio's avatar
hoolio
Icon for Cirrostratus rankCirrostratus
Jan 26, 2009
Is the cookie that's generating the violation set by the app with an expiration time? If so, it's possible that clients get the cookie from the app (along with a corresponding session cookie from ASM), close their browser, lose the ASM cookie, reopen the browser and then make a new request to the VIP with just the app cookie.

 

 

Can you reproduce the errors by browsing the site? If so, you could try using a browser plugin like HttpFox for FF or Fiddler for IE to trace the cookies being sent/received.

 

 

Aaron