
Parveez_70209
Feb 05, 2014

HTTP Cookie Insert method Vulnerability Issue

Hi,

 

After doing a PCI scan, the virtual server where "HTTP Cookie Insert method" is associated is clearly showing the below information:

 

F5 BIG-IP Cookie Information:

 

Disclosure Vulnerability

The remote host appears to be a F5 BigIP load balancer which encodes within a cookie the IP address of the actual web server it is acting on behalf of. Additionally, information after 'BIGipServer' is configured by the user and may be the logical name of the device. These values may disclose sensitive information, such as internal IP addresses and names.

Service: Apache

Evidence:

• Virtual Host: 125.1.1.10
• Discovered IP Address: 10.1.1.1
• Discovered IP Address: 10.1.1.2

 

I was going through so many online readings, but it didn't clear much up. Kindly guide how we can avoid this or, if possible, encrypt/decrypt this.

 

We are using 10.x version LTM.

 

Thanks and Regards
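To reproduce the scanner's finding during remediation, the check below (an added example, not part of the original post and not F5 code) decodes the default unencrypted BIG-IP persistence cookie layout, `<ip>.<port>.0000`, where the address and port are byte-reversed decimal integers, and flags values that resolve to a private address. The pool name `web_pool`, the ports and the sample headers are constructed; only the two internal addresses come from the scan evidence above.

```python
import ipaddress
import re
import struct

# Default (unencrypted) cookie value: <ip>.<port>.0000, with the IPv4 address
# and the port written as decimal integers whose bytes are reversed.
PLAIN = re.compile(r"(BIGipServer[^=;\s]*)=(\d{1,10})\.(\d{1,5})\.0000\b")

# Constructed Set-Cookie values; "web_pool" and the ports are assumptions.
SAMPLE = [
    "BIGipServerweb_pool=16843018.20480.0000; path=/",
    "BIGipServerweb_pool=33620234.47873.0000; path=/",
    "BIGipServerweb_pool=!Q29uc3RydWN0ZWQ=; path=/",   # opaque value, not decodable
    "JSESSIONID=abc123; path=/; HttpOnly",
]

def decode(ip_enc, port_enc):
    """Undo the byte reversal and return (IPv4Address, port)."""
    ip = ipaddress.IPv4Address(struct.pack("<I", ip_enc))
    port = struct.unpack(">H", struct.pack("<H", port_enc))[0]
    return ip, port

def audit(set_cookie_values):
    """Return one finding per cookie that still carries a plaintext member."""
    findings = []
    for header in set_cookie_values:
        m = PLAIN.search(header)
        if not m:
            continue  # other cookies, or an opaque/encrypted value
        ip_enc, port_enc = int(m.group(2)), int(m.group(3))
        if ip_enc > 0xFFFFFFFF or port_enc > 0xFFFF:
            continue  # digits present but out of range for this layout
        ip, port = decode(ip_enc, port_enc)
        findings.append({
            "cookie": m.group(1),      # the name also exposes the pool name
            "ip": str(ip),
            "port": port,
            "private": ip.is_private,  # internal address visible to clients
        })
    return findings

if __name__ == "__main__":
    for f in audit(SAMPLE):
        print(f)
```

Run it against the Set-Cookie headers captured from the virtual server before and after changing the cookie handling; an empty result means the persistence cookie no longer decodes to a pool member.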

 
