F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

Juergen_Mang's avatar
Juergen_Mang
Icon for MVP rankMVP
Oct 30, 2023

K000137322: BIG-IP iRule or LTM policy may generate multiple HTTP redirect responses

Since I didn't almost miss the announcement of this vulnerability, I want to share it again here. Have you already mitigations in place? Request smuggling is not a completely new problem. https:/...
security
John_Adams's avatar
John_Adams
Icon for Altocumulus rankAltocumulus
Nov 02, 2023

I'm working on this now. I wrote a Perl script to parse an excerpt from bigip.conf--all the entries beginning "ltm virtual "--and generate commands to modify all the virtual servers with an affected iRule. That's my naïve approach to it.

What I'm not totally clear on is two-fold: How serious is this issue and how effective is this mitigation?