Vigil@nce - F5 BIG-IP: SessionID disclosure in the URL
June 2016 by Vigil@nce
This bulletin was written by Vigil@nce : https://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can read URLs used after a redirection by F5 BIG-IP,
in order to obtain the session cookie, and possibly to access to
the service.
– Impacted products: BIG-IP Hardware, TMOS.
– Severity: 2/4.
– Creation date: 11/04/2016.
DESCRIPTION OF THE VULNERABILITY
The F5 BIG-IP product uses a session cookie which can be stored in
the F5SSO_SID or F5Networks-SSO-Resp variables.
However, after a redirection, this session cookie is added in the
URL. An attacker who reads this value can then access to the
service.
An attacker can therefore read URLs used after a redirection by F5
BIG-IP, in order to obtain the session cookie, and possibly to
access to the service.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
https://vigilance.fr/vulnerability/F5-BIG-IP-SessionID-disclosure-in-the-URL-19330