K20105555: F5 SSL Orchestrator may fail to stop an attacker from exfiltrating data on a compromised client system (SNIcat)
Security Advisory Description An attacker may be able to exfiltrate data from a target system sitting behind F5 SSL Orchestrator by inserting data into the TLS SNI field. This approach assumes that the attacker has already compromised, and is in full control of, the target system to be able to...