How to remediate F5 BIG-IP TLS Vulnerability (Ticketbleed) (CVE-2016-9244) vulnerability in windows servers

Black_Adam 0 Reputation points
2023-03-20T17:19:41.44+00:00

Hello Experts,
We have few windows server 2012/2016 servers, we have a vulnerability scanning tool which scans all the servers for vulnerabilities, when we scan the servers it detect the F5 BIG-IP TLS Vulnerability (Ticketbleed) (CVE-2016-9244) vulnerability in windows servers. Though, this is for F5 appliances, do we have any solution for MS servers available so that this can be remediated?

Thank you

Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
13,103 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Limitless Technology 44,336 Reputation points
    2023-03-21T15:50:37.0266667+00:00

    Hello

    Thank you for your question and reaching out. I can understand you are having query\issues related to F5 BIG-IP TLS Vulnerability in Windows servers.

    You can try following steps to disable session tickets.

    Disable-TlsSessionTicketKey Windows Server 2016 : https://learn.microsoft.com/en-us/powershell/module/tls/disable-tlssessionticketkey?view=windowsserver2022-ps

    Also please check on Windows server if there is any F5 client or policy manager is installed.

    --If the reply is helpful, please Upvote and Accept as answer--

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.