Think you have a false positive on this rule?

Sid 1-41548

Summary:

    SERVER-OTHER F5 BIG-IP TLS session ticket implementation uninitialized memory disclosure attempt

Impact:

    Confidentiality Impact: PARTIAL Integrity Impact: NONE Availability Impact: NONE

Affected Systems:

    f5 big-ip_global_traffic_manager 11.6.0
    f5 big-ip_local_traffic_manager 12.1.1
    f5 big-ip_application_acceleration_manager 11.5.2
    f5 big-ip_global_traffic_manager 11.6.1
    f5 big-ip_advanced_firewall_manager 11.6.1
    f5 big-ip_analytics 11.4.0
    f5 big-ip_advanced_firewall_manager 11.6.0
    f5 big-ip_analytics 11.4.1
    f5 big-ip_local_traffic_manager 12.1.2
    f5 big-ip_local_traffic_manager 12.1.0
    f5 big-ip_access_policy_manager 11.6.0
    f5 big-ip_application_security_manager 11.5.0
    f5 big-ip_application_security_manager 11.5.1
    f5 big-ip_application_security_manager 11.5.3
    f5 big-ip_application_security_manager 11.5.4
    f5 big-ip_access_policy_manager 11.6.1
    f5 big-ip_policy_enforcement_manager 12.1.1
    f5 big-ip_application_security_manager 11.5.2
    f5 big-ip_policy_enforcement_manager 12.1.2
    f5 big-ip_access_policy_manager 12.0.0
    f5 big-ip_policy_enforcement_manager 12.1.0
    f5 big-ip_advanced_firewall_manager 12.0.0
    f5 big-ip_link_controller 12.1.2
    f5 big-ip_application_acceleration_manager 11.5.4
    f5 big-ip_application_acceleration_manager 11.5.3
    f5 big-ip_application_acceleration_manager 11.5.1
    f5 big-ip_link_controller 12.1.0
    f5 big-ip_application_acceleration_manager 11.5.0
    f5 big-ip_link_controller 12.1.1
    f5 big-ip_global_traffic_manager 11.5.1
    f5 big-ip_global_traffic_manager 11.5.0
    f5 big-ip_local_traffic_manager 11.6.0
    f5 big-ip_application_acceleration_manager 11.6.1
    f5 big-ip_global_traffic_manager 11.5.2
    f5 big-ip_local_traffic_manager 11.6.1
    f5 big-ip_analytics 11.5.3
    f5 big-ip_analytics 11.5.4
    f5 big-ip_global_traffic_manager 11.5.4
    f5 big-ip_analytics 11.5.0
    f5 big-ip_global_traffic_manager 11.5.3
    f5 big-ip_local_traffic_manager 12.0.0
    f5 big-ip_analytics 11.5.1
    f5 big-ip_application_acceleration_manager 12.0.0
    f5 big-ip_analytics 11.5.2
    f5 big-ip_access_policy_manager 11.5.1
    f5 big-ip_access_policy_manager 11.5.0
    f5 big-ip_access_policy_manager 11.5.4
    f5 big-ip_access_policy_manager 11.5.3
    f5 big-ip_application_security_manager 11.4.0
    f5 big-ip_application_security_manager 11.4.1
    f5 big-ip_policy_enforcement_manager 11.6.1
    f5 big-ip_policy_enforcement_manager 11.6.0
    f5 big-ip_access_policy_manager 11.5.2
    f5 big-ip_link_controller 11.4.0
    f5 big-ip_policy_enforcement_manager 12.0.0
    f5 big-ip_link_controller 11.4.1
    f5 big-ip_advanced_firewall_manager 12.1.0
    f5 big-ip_advanced_firewall_manager 12.1.1
    f5 big-ip_application_acceleration_manager 11.6.0
    f5 big-ip_advanced_firewall_manager 12.1.2
    f5 big-ip_global_traffic_manager 11.4.1
    f5 big-ip_local_traffic_manager 11.5.0
    f5 big-ip_local_traffic_manager 11.5.1
    f5 big-ip_analytics 12.0.0
    f5 big-ip_local_traffic_manager 11.5.2
    f5 big-ip_global_traffic_manager 11.4.0
    f5 big-ip_advanced_firewall_manager 11.4.1
    f5 big-ip_application_acceleration_manager 12.1.1
    f5 big-ip_advanced_firewall_manager 11.4.0
    f5 big-ip_application_acceleration_manager 12.1.0
    f5 big-ip_analytics 11.6.0
    f5 big-ip_analytics 11.6.1
    f5 big-ip_access_policy_manager 11.4.1
    f5 big-ip_access_policy_manager 11.4.0
    f5 big-ip_application_security_manager 12.1.2
    f5 big-ip_policy_enforcement_manager 11.5.2
    f5 big-ip_policy_enforcement_manager 11.5.1
    f5 big-ip_policy_enforcement_manager 11.5.0
    f5 big-ip_protocol_security_manager 11.4.1
    f5 big-ip_protocol_security_manager 11.4.0
    f5 big-ip_link_controller 11.5.4
    f5 big-ip_link_controller 11.5.3
    f5 big-ip_application_security_manager 12.1.1
    f5 big-ip_application_security_manager 12.1.0
    f5 big-ip_link_controller 11.5.2
    f5 big-ip_link_controller 11.5.1
    f5 big-ip_link_controller 11.5.0
    f5 big-ip_application_acceleration_manager 12.1.2
    f5 big-ip_local_traffic_manager 11.4.0
    f5 big-ip_local_traffic_manager 11.4.1
    f5 big-ip_advanced_firewall_manager 11.5.2
    f5 big-ip_analytics 12.1.2
    f5 big-ip_advanced_firewall_manager 11.5.0
    f5 big-ip_advanced_firewall_manager 11.5.1
    f5 big-ip_advanced_firewall_manager 11.5.4
    f5 big-ip_advanced_firewall_manager 11.5.3
    f5 big-ip_application_security_manager 11.6.0
    f5 big-ip_analytics 12.1.0
    f5 big-ip_analytics 12.1.1
    f5 big-ip_policy_enforcement_manager 11.4.1
    f5 big-ip_policy_enforcement_manager 11.4.0
    f5 big-ip_policy_enforcement_manager 11.5.4
    f5 big-ip_policy_enforcement_manager 11.5.3
    f5 big-ip_access_policy_manager 12.1.2
    f5 big-ip_application_security_manager 11.6.1
    f5 big-ip_access_policy_manager 12.1.0
    f5 big-ip_application_security_manager 12.0.0
    f5 big-ip_access_policy_manager 12.1.1
    f5 big-ip_link_controller 11.6.1
    f5 big-ip_link_controller 11.6.0
    f5 big-ip_local_traffic_manager 11.5.3
    f5 big-ip_application_acceleration_manager 11.4.1
    f5 big-ip_link_controller 12.0.0
    f5 big-ip_local_traffic_manager 11.5.4
    f5 big-ip_application_acceleration_manager 11.4.0

Attack Scenarios:

    No data available

False Positives:

    None known

False Negatives:

    None known

Corrective Action:

    Upgrade to the latest non-affected version
    Apply vendor-provided patches

Contributors:

    No data available

Additional References: