Get a demo Acunetix Website Security Scanner Get a demo
  • Product
  • Why Acunetix?
    • Solutions
      • INDUSTRIES
        • IT & Telecom
        • Government
        • Financial Services
        • Education
        • Healthcare
      • ROLES
        • CTO & CISO
        • Engineering Manager
        • Security Engineer
        • DevSecOps
    • Case Studies
    • Customers
    • Testimonials
  • Pricing
  • About Us
    • Our story
    • In the news
    • Careers
    • Contact
  • Resources
    • Blog
    • Webinars
    • White papers
    • Buyer’s guide
    • Partners
    • Support
  • Get a demo
WEB APPLICATION VULNERABILITIES Standard & Premium

F5 BIG-IP Cookie Information Disclosure

Description

The web application uses an F5 BIG-IP load balancer. It sets a cookie that may include sensitive information about backend servers. An unauthenticated attacker may decode the cookie and get this information

Remediation

Consult Web references for more information about the possible improvements

References

K6917: Overview of BIG-IP persistence cookie encoding

K14784: Configuring cookie encryption within the HTTP profile

K23254150: Configuring cookie encryption for BIG-IP persistence cookies from the cookie persistence profile

Related Vulnerabilities

WordPress Plugin Total Upkeep-WordPress Backup plus Restore & Migrate by BoldGrid Information Disclosure (1.14.9)

Java Management Extensions (JMX/RMI) service detected

WordPress Plugin iThemes Security (formerly Better WP Security) Multiple Vulnerabilities (3.6.3)

WordPress Plugin W3 Total Cache Multiple Vulnerabilities (0.9.4.1)

WordPress Plugin Customize WordPress Emails and Alerts-Better Notifications for WP Information Disclosure (1.8.6)

Severity

Low

Classification

CWE-200 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Take action and discover your vulnerabilities

Get a demo
Product Information
  • AcuSensor Technology
  • AcuMonitor Technology
  • Acunetix Integrations
  • Vulnerability Scanner
  • Support Plans
Use Cases
  • Penetration Testing Software
  • Website Security Scanner
  • External Vulnerability Scanner
  • Web Application Security
  • Vulnerability Management Software
Website Security
  • Cross-site Scripting
  • SQL Injection
  • Reflected XSS
  • CSRF Attacks
  • Directory Traversal
Learn More
  • White Papers
  • TLS Security
  • WordPress Security
  • Web Service Security
  • Prevent SQL Injection
Company
  • About Us
  • Customers
  • Become a Partner
  • Careers
  • Contact
Documentation
  • Case Studies
  • Support
  • Videos
  • Vulnerability Index
  • Webinars
  • Login
  • Invicti Subscription Services Agreement
  • Privacy Policy
  • Terms of Use
  • Sitemap
  • Find us on Facebook
  • Follow us on Twiter
  • Follow us on LinkedIn

© Acunetix 2023, by Invicti