|
Family: Web Servers --> Category: infos
F5 BIP-IP Cookie Persistence Vulnerability Scan
Vulnerability Scan Summary F5 BIP-IP(R) Cookie Persistence
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote load balancer suffers from an information disclosure
vulnerability.
Description :
The remote host appears to be a F5 BigIP load balancer which encodes
within a cookie the IP address of the actual web server it is acting
on behalf of. Additionally, information after 'BIGipServer' is
configured by the user and may be the logical name of the device.
These values may disclose sensitive information, such as internal IP
addresses and names.
Solution:
http://asia.f5.com/solutions/archives/techbriefs/cookie.html
Threat Level:
Low / CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|