Last Modified: Feb 07, 2024
Affected Product(s):
BIG-IP AFM
Known Affected Versions:
15.1.2, 15.1.2.1, 15.1.3, 15.1.3.1
Fixed In:
17.0.0, 15.1.4
Opened: May 05, 2021 Severity: 3-Major
If two policies are configured with rule lists of same type of properties (1 allow and 1 deny) with the geo property used, the geo settings of the first rule will be used in the second rule.
Connection requests for the second virtual server that uses the second policy will use the geo settings from the first policy.
-- Two policies having the same type of rule lists (1 allow rule and 1 deny rule) -- The same geo is configured in a rule in each of the rule lists. -- One rule is configured to allow, one is configured to deny
None
Connection request for second virtual server will be dropped and allowed as configured in the policy that is attached.