For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Cpet's avatar
Cpet
Icon for Altocumulus rankAltocumulus
Jul 29, 2019

Security issue - Oracle Identity System Administration login screen is exposed to public

Hi to all,   I have a cluster with 2 Big-IP VM ver13.1 .A VS has the role to load balanced OAM.I discovered that the Oracle Identity System Administration login screen is exposed to public.I foun...
BIG-IP
iRules
security
Cpet's avatar
Cpet
Icon for Altocumulus rankAltocumulus
Aug 07, 2019

Hi iaine,

 

I think the irule does not work due syntax error.

My portal (URL) is https://blabla.com//sysadmin/faces/signin

So i wrote the following.Please advise if the bold type (URI) fields are correct.

 

when CLIENT_ACCEPTED {

if {not [IP::addr [IP::client_addr] equals 10.0.40.0/24]} {

               log local0. "[IP::client_addr] does not match 10.0.40.0/24 AND access URI = /sysadmin/faces/signin"

set static::drop_notallowed 1

}

}

 

when HTTP_REQUEST {

if { [string tolower [HTTP::uri]] starts_with "https://blabla.com/sysadmin/faces/signin" }{

if {$static::drop_notallowed==1}{

drop

}

}

 

}