Last Modified: May 29, 2024
Affected Product(s):
BIG-IP TMOS
Known Affected Versions:
15.0.1, 15.0.1.1, 15.0.1.2, 15.0.1.3, 15.0.1.4, 15.1.0, 15.1.0.1, 15.1.0.2, 15.1.0.3, 15.1.0.4
Fixed In:
16.1.0, 16.0.1.1, 15.1.0.5, 14.1.2.8, 13.1.3.5, 12.1.5.3
Opened: Mar 09, 2020 Severity: 3-Major
JSESSIONID, BIGIPAUTHCOOKIE, BIGIPAUTH can be seen in the browser's debugging page.
HTTPS session information is captured/seen in the browser's local cache, cookie. Note: The BIG-IP system does not display and/or return sensitive data in the TMUI. Content that is marked appropriately as sensitive is never returned, so it is never cached. Data that is cached for TMUI in the client browser session is not considered secret.
-- Accessing the BIG-IP system using the GUI. -- Viewing the browser's stored cache information.
Disable caching in browsers.
None