Forum Discussion

MVP

Oct 30, 2023

K000137322: BIG-IP iRule or LTM policy may generate multiple HTTP redirect responses

Since I didn't almost miss the announcement of this vulnerability, I want to share it again here. Have you already mitigations in place? Request smuggling is not a completely new problem. https:/...

security

John_Adams

Altostratus

Nov 02, 2023

I'm working on this now. I wrote a Perl script to parse an excerpt from bigip.conf--all the entries beginning "ltm virtual "--and generate commands to modify all the virtual servers with an affected iRule. That's my naïve approach to it.

What I'm not totally clear on is two-fold: How serious is this issue and how effective is this mitigation?

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

K000137322: BIG-IP iRule or LTM policy may generate multiple HTTP redirect responses

Recent Discussions

ports are showing open on online scanning tool

Upgrade F5 BIGIP

DNS HM Probe issue

Is XFF a must for ASM WAF DoS

Switch ssl profile based on weak cipher detection via IRULE

Related Content

Introduction of Incident Response

Secure, Deliver and Optimize Your Modern Generative AI Apps with F5

SSL Orchestrator Advanced Use Cases: Detecting Generative AI

Generate API SDK for F5 Distributed Cloud

custom response page for api

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS