Last Modified: May 29, 2024
Affected Product(s):
BIG-IP AFM
Fixed In:
16.1.1, 15.1.4
Opened: May 12, 2021 Severity: 3-Major
A user account with the "firewall-manager" role that is assigned permissions only to custom partitions will not be able to configure protocol inspection profiles.
Any user account without access to "/Common" partition is not allowed to configure protocol inspection profiles.
-- A user account is created with the role firewall-manager. -- A custom partition is created. -- The newly created user is given access to the newly created partition.
- If the user account is provided access to "/Common" partition as well, the user should be able to configure protocol-inspection profiles in the newly created custom partitions.
The permissions are granted for any non-admin user to configure protocol inspection profiles in a custom partition as long as they have access to "/Common" partition as well.