1. Vulnerability Description
- Ticketbleed is a software vulnerability in the TLS/SSL stack of F5 BIG-IP appliances allowing a remote attacker to extract up to 31 bytes of uninitialized memory at a time.
2. How to check vulnerability
- You can check with the script in the link below.
- The full list of affected versions is available on the F5 website.
3. Vulnerability Countermeasure
- You should upgrade to a version that is not vulnerable.
- Disabling Session Tickets is a complete mitigation. To disable them:
(1) Log in to the Configuration utility
(2) In the menu, navigate to Local Traffic > Profiles > SSL > Client
(3) Toggle the option for Configuration from Basic to Advanced
(4) Uncheck the Session Ticket option to disable the feature
(5) Click Update to save the changes