Blocking Session Management attacks on ASM

Question

hello,
We recently came to know the F5 ASM is not blocking session management attacks which discloses the admin username and password on reply.&nbsp;
May I know if this has something to do with attack signatures or through dynamic parameters.&nbsp;
Regards,&nbsp;
Akhtar&nbsp;

michael_koyfman · Answer

Can you please explain the exact nature of the attack you are referring to?  What exactly are you observing?&nbsp;

michael_koyfma1 · Answer

Can you please explain the exact nature of the attack you are referring to?  What exactly are you observing?&nbsp;

akhtar_109015 · Answer

&nbsp;

akhtar_109015 · Answer

I have uploaded the HTTP request and response snapshots from a PT tool.

In the response from a server we see the password in clear text. Can we tune the ASM policy to track the session and encrypt the passwords in the HTTP responses ?

Akhtar

akhtar_109015 · Answer

I have uploaded the HTTP request and response snapshots from a PT tool.

In the response from a server we see the password in clear text. Can we tune the ASM policy to track the session and encrypt the passwords in the HTTP responses ?

Akhtar

Forum Discussion

Blocking Session Management attacks on ASM

8 Replies

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5Access | MacOS Sonoma

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

Related Content

Zero Trust building blocks - Machine Identity Management (MIM) and Workload Protection

Zero Trust building blocks - F5 BIG-IP Access Policy Manager (APM) and PingIdentity

Re: Management Certificate

NGINX Management Suite API Connectivity Manager - Modern API driven Applications

Managing NGINX App Protect WAF for Beginners