Cookie Poisoning

Cookie poisoning is the term applied when attackers manipulate or "poison" an otherwise valid cookie sent back to a server. The altered or "hacked" cookie can be used to bypass user security mechanisms on the server and glean personal information for such purposes as identity or trade theft.

Technologies that involve application firewalls such as the F5 BIG-IP® Application Security Manager and TMOS™ maintain application integrity by allowing only authorized application processes to occur. They prevent altered cookies from passing to the server or application.

F5 products that prevent Cookie Poisoning: BIG-IP Application Security Manager