THE_BLUE
Mar 26, 2024Cirrostratus
CVE-2024-21410
does F5 has mitigation for CVE-2024-21410 ?
based on microsoft document we must disble ssl offloding with load balancer , as below
SSL Offloading scenarios
Extended Protection isn't supported in environments that use SSL Offloading. SSL termination during SSL Offloading causes Extended Protection to fail. To enable Extended Protection in your Exchange environment, you must not be using SSL offloading with your Load Balancers.
so does this mean disable https between WAF and Server (pool) and only https will be exist from Client to WAF