Last Modified: May 29, 2024
Affected Product(s):
BIG-IP ASM
Fixed In:
17.1.0, 16.1.4
Opened: May 23, 2022 Severity: 4-Minor
If the "Virus detected" violation is disabled, there is no notification about it after enabling "Anti-Virus Protection".
No warning is shown to user which indicates that the related violation settings are switched off (Learning, Alarming or Blocking)
1. In Security ›› Application Security : Policy Building : Learning and Blocking Settings screen, for Virus Detected violation set at least one of the Learn, Alarm, or Block checkboxes as empty. 2. In Security ›› Application Security : Security Policies : Policies List ›› <selected_policy> screen - check the Scan HTTP Uploads (in Anti-Virus Protection field) 3. No warning is shown.
None
Warning of the related switched-off violation settings will be shown.