Forum Discussion

Nimbostratus

Jan 04, 2010

The remote load balancer suffers from an information disclosure vulnerability at port 80 and 443

I am looking a solution for this issue..... I have BIGIP (BIG-IP 9.3.1 Build 37.1) Port http (tcp/80) Synopsis : The remote load balancer suffers from an i...

Cirrostratus

Mar 22, 2012

Hi Chris,

The simple fix is to encrypt the persistence cookie:

sol7784: Overview of cookie encryption

https://support.f5.com/kb/en-us/solutions/public/7000/700/sol7784.html?sr=20249094

I'd encourage you to open a case with F5 Support and request a checkbox option on the cookie insert persistence profile to encrypt the persistence cookie.

Aaron

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

The remote load balancer suffers from an information disclosure vulnerability at port 80 and 443

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Checking for X-Forwarded-For against an Address Data-Group

SSL Bridging and FQDN rewrite Policy

Cisco TACACS+ Config on ISE LTM Pair

iRule causing requests to be duplicated (sometimes)

How can I get started with iCall

Related Content

Coordinated Vulnerability Disclosure: A Balanced Approach

Mitigate OWASP LLM Security Risk: Sensitive Information Disclosure Using F5 NGINX App Protect

F5 BIG-IP Cookie Remote Information Disclosure (20089)

OpenSSH vulnerability

Mitigating Log4j Vulnerability using F5 BIG-IP

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS