Forum Discussion

Nimbostratus

8 years ago

Host header vulnerability

This interesting vulnerability was found with a simple redirect irule by injecting a bad actor site as a host header, the F5 will redirect based on the host header and not on the host within the URL ...

Hannes_Rapp

Nimbostratus

8 years ago

Yup, as noted, this is not a vulnerability. I understand auditors must at all times provide as many vulnerability findings to justify their job but I've not yet met anyone provide me crap that does not relate to security at all. If one of your clients is a victim of a MITM attack, he is susceptible to worse things than HTTP Host rewrites. If there's a takeaway, consider another security audit firm, or ask for someone who knows his stuff a bit better.

The only vulnerability I see here is that "BigIP" is exposed as value of Server header. This qualifies as "low risk" security issue because attacker can use this information to look for existing exploits against BigIP software, or use the knowledge to his advantage in any other way.

Forum Discussion

Host header vulnerability

Recent Discussions

DNS topology not distributing as expected

Unable to Forward APM and AFM Logs to AWS CloudWatch Using Telemetry Streaming

which virtual server will be hit?

Questions on device trust

Restore configuration to GTM Sync Group device

Related Content

(HTTP) Redirection via Arbitrary Host Header

Rewrite Host Header to Server Name

host header in F5

Host header injection iRule

Mitigating Log4j Vulnerability using F5 BIG-IP