F5 Fixes Major BIG-IP Load Balancer Security Flaw Before PCI Deadline

F5 acts swiftly to patch a high-risk vulnerability in its BIG-IP Load Balancer. Users must apply the fix to avoid PCI compliance failure and protect sensitive data.

F5 Networks has addressed a significant security flaw in its BIG-IP Load Balancer. The vulnerability, identified as QID 86725, involves the disclosure of internal IP addresses. This issue will result in a PCI failure starting May 1, 2018.

F5 published the solution before May 1, 2018, on their support website. They offer multiple remediation methods to mitigate the risk. The vulnerability, known as 'F5 BIG-IP Load Balancer Internal IP Address Disclosure', occurs due to the encoding of private IP addresses in persistent cookies. Attackers can collect and decode these cookies, exposing sensitive information.

The encoding and decoding process is well-documented and relatively simple, contributing to a high Common Vulnerability Scoring System (CVSS) score. This high score indicates a severe impact on confidentiality and integrity.
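An added example, not taken from F5 or from this article: a defender-side audit that scans `Set-Cookie` headers captured from your own site and flags persistence cookies that disclose a private pool member address. It assumes the commonly documented default layout (`BIGipServer<pool>=<ip>.<port>.0000`, with the IPv4 address and port stored as little-endian decimals), which the article does not spell out; the function names and sample headers are constructed for illustration.

```python
import ipaddress
import re

# Assumed default persistence cookie layout: BIGipServer<pool>=<ip>.<port>.0000
COOKIE_RE = re.compile(r"(BIGipServer[^=;\s]*)=(\d{1,10})\.(\d{1,5})\.0000")

def decode_value(ip_dec, port_dec):
    """Undo the little-endian packing of the IPv4 address and the port."""
    ip = ipaddress.IPv4Address(ip_dec.to_bytes(4, "little"))
    port = int.from_bytes(port_dec.to_bytes(2, "little"), "big")
    return ip, port

def audit_headers(set_cookie_headers):
    """Return one finding per cookie that reveals a non-public address."""
    findings = []
    for header in set_cookie_headers:
        for name, ip_txt, port_txt in COOKIE_RE.findall(header):
            ip_dec, port_dec = int(ip_txt), int(port_txt)
            if ip_dec > 0xFFFFFFFF or port_dec > 0xFFFF:
                continue  # digits present, but not a valid address/port encoding
            ip, port = decode_value(ip_dec, port_dec)
            # is_private covers RFC 1918 ranges plus loopback and link-local
            if ip.is_private:
                findings.append({"cookie": name, "ip": str(ip), "port": port})
    return findings

# Constructed sample headers (not captured from any real system)
SAMPLE_HEADERS = [
    "BIGipServerpool_web=1677787402.36895.0000; path=/; Httponly",
    "BIGipServerpool_api=167880896.47873.0000; path=/",
    "BIGipServerpool_enc=!c29tZS1vcGFxdWUtdmFsdWU=; path=/",  # opaque value
    "JSESSIONID=abc123; path=/; Secure",
]

if __name__ == "__main__":
    for finding in audit_headers(SAMPLE_HEADERS):
        print("internal address disclosed:", finding)
```

Run it against the response headers of each public virtual server before and after applying a remediation; an empty result means no cookie in the capture still follows the decodable layout.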

F5 Networks has provided remedies for the QID 86725 vulnerability in their BIG-IP Load Balancer. Users should apply these solutions promptly to avoid PCI compliance failure and protect their systems from potential attacks.
