Forum Discussion

Cirrostratus

Mar 26, 2024

CVE-2024-21410

does F5 has mitigation for CVE-2024-21410 ? based on microsoft document we must disble ssl offloding with load balancer , as below SSL Offloading scenarios Extended Protection isn't supported in...

application delivery

security

THE_BLUE

Cirrostratus

Thank you for your clarification.

How to enable ssl bridging ? what i should configure in WAF ? , if i enabled https (port 443) from client to WAF with client ssl and enable http (port 80) from WAF to server (pool) and no server ssl profile. Does this achieve ssl bridging ?

Paulius

MVP

Mar 27, 2024

THE_BLUE SSL bridging can be configured by using both the client and server SSL profile. By the end of this configuration the F5 will decrypt traffic using the SSL server profile and then re-encrypt using the SSL client profile.

Forum Discussion

CVE-2024-21410

Recent Discussions

self-directed requests fail because of no certificate

Decode ObjectSID from Base64-encode string

iRule - Url rewrite and header replace and pool selection not working

ip x-forwarding

F5 ASM API-Protection Policy

Related Content

Re: Exchange server extended protection and BigIP

Log-in attacks, Ransomware gangs, Autohack with LLMs-Feb 18-24, 2024- F5 SIRT- This Week in Security

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS