Last Modified: May 29, 2024
Affected Product(s):
BIG-IP APM
Known Affected Versions:
12.1.4.1, 12.1.5, 12.1.5.1, 12.1.5.2, 12.1.5.3, 12.1.6, 13.1.3.4, 13.1.3.5, 13.1.3.6, 13.1.4, 13.1.4.1, 13.1.5, 13.1.5.1, 14.1.4.3, 14.1.4.4, 14.1.4.5, 14.1.4.6, 14.1.5, 14.1.5.1, 14.1.5.2, 14.1.5.3, 14.1.5.4, 14.1.5.6, 15.1.2, 15.1.2.1, 15.1.3, 15.1.3.1, 15.1.4, 15.1.4.1, 15.1.5, 15.1.5.1, 15.1.6, 15.1.6.1, 15.1.7, 15.1.8, 15.1.8.1, 15.1.8.2, 16.1.0, 16.1.1, 16.1.2, 16.1.2.1, 16.1.2.2, 16.1.3, 16.1.3.1, 16.1.3.2, 16.1.3.3, 16.1.3.4, 16.1.3.5
Fixed In:
17.0.0, 16.1.4, 15.1.9
Opened: Aug 24, 2021 Severity: 3-Major
Access policy agents and iRules that depend on "session.user.agent" session variable fail to execute properly.
Any access policy agents that depend on this session variable will not be able to follow the rules.
Access polices have agents that depend on the value of session variable "session.user.agent" for its execution.
An iRule can be used to generate a session variable. For example: # This event fires once per session when ACCESS_SESSION_STARTED { log local0. "Setting User-Agent based on HTTP data - [HTTP::header User-Agent]" ACCESS::session data set session.custom.client.useragent [HTTP::header User-Agent] #Use this variable in the VPE to make some decision }
Fix now sets the session variable properly.