CVE-2016-9244

CVE-2016-9244

A BIG-IP virtual server configured with a Client SSL profile that has the non-default Session Tickets option enabled may leak up to 31 bytes of uninitialized memory. A remote attacker may exploit this vulnerability to obtain Secure Sockets Layer (SSL) session IDs from other sessions. It is possible that other data from uninitialized memory may be returned as well.

Source: CVE-2016-9244

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다