Share via

How to remediate F5 BIG-IP TLS Vulnerability (Ticketbleed) (CVE-2016-9244) vulnerability in windows servers

Black_Adam 0 Reputation points
2023-03-20T17:19:41.44+00:00

Hello Experts,
We have few windows server 2012/2016 servers, we have a vulnerability scanning tool which scans all the servers for vulnerabilities, when we scan the servers it detect the F5 BIG-IP TLS Vulnerability (Ticketbleed) (CVE-2016-9244) vulnerability in windows servers. Though, this is for F5 appliances, do we have any solution for MS servers available so that this can be remediated?

Thank you

Windows for business | Windows Server | User experience | Other
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Limitless Technology 45,126 Reputation points
    2023-03-21T15:50:37.0266667+00:00

    Hello

    Thank you for your question and reaching out. I can understand you are having query\issues related to F5 BIG-IP TLS Vulnerability in Windows servers.

    You can try following steps to disable session tickets.

    Disable-TlsSessionTicketKey Windows Server 2016 : https://learn.microsoft.com/en-us/powershell/module/tls/disable-tlssessionticketkey?view=windowsserver2022-ps

    Also please check on Windows server if there is any F5 client or policy manager is installed.

    --If the reply is helpful, please Upvote and Accept as answer--

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.