Bug ID 1059573: Variation in a case insensitive value of an operand in LTM policy may fail in some rules.

Last Modified: Feb 07, 2024

Affected Product(s):
BIG-IP LTM(all modules)

Known Affected Versions:
12.1.0, 12.1.1, 12.1.2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 12.1.3.7, 12.1.4, 12.1.4.1, 12.1.5, 12.1.5.1, 12.1.5.2, 12.1.5.3, 12.1.6, 13.1.4.1, 13.1.5, 13.1.5.1, 14.1.4.4, 14.1.4.5, 14.1.4.6, 14.1.5, 14.1.5.1, 14.1.5.2, 14.1.5.3, 14.1.5.4, 14.1.5.6, 15.1.4.1, 15.1.5, 15.1.5.1, 15.1.6, 15.1.6.1, 15.1.7, 15.1.8, 15.1.8.1, 15.1.8.2, 15.1.9, 15.1.9.1, 16.0.1.2, 16.1.2, 16.1.2.1, 16.1.2.2, 16.1.3, 16.1.3.1, 16.1.3.2, 16.1.3.3, 16.1.3.4, 16.1.3.5, 16.1.4, 16.1.4.1, 16.1.4.2

Fixed In:
17.0.0, 15.1.10

Opened: Nov 03, 2021

Severity: 3-Major

Symptoms

LTM policy engine compiles a policy into a state machine. If there is a variation of the same case insensitive value for an operand, the state machine may fail to properly build all rules, using this value. An example of a variation is a list of words like "Myself", "myself", "MYself", "mySElf", "MYSELF".

Impact

An expected rule does not apply: either a wrong rule is applied, or no rule is applied, causing incorrect traffic processing.

Conditions

-- LTM policy is configured and attached to a virtual server. -- The policy has variation in a case insensitive value of an operand.

Workaround

Eliminate variation in any case insensitive value of any operand. For example, replace all variations in the mentioned list with "myself".

Fix Information

When there is a variation in a case insensitive value of an operand, BIG-IP will correctly handle it and compiles the policy so the rules with the variations are correctly applied to processing traffic.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips