Last Modified: Dec 18, 2024
Affected Product(s):
BIG-IP ASM
Known Affected Versions:
15.1.5, 15.1.5.1, 15.1.6, 15.1.6.1, 15.1.7, 15.1.8, 15.1.8.1, 15.1.8.2, 15.1.9, 15.1.9.1, 15.1.10, 15.1.10.2, 15.1.10.3, 15.1.10.4, 15.1.10.5, 15.1.10.6
Opened: Aug 16, 2022 Severity: 3-Major
A configuration option is missing for the unparseable request content subviolation override.
It is not possible to configure an override for this subviolation on a microservice.
The option is missing in the UI and REST.
An iRule can be used to mitigate this condition. The specific iRule will be different according to the use case, the following is an example (psaudo code): when ASM_REQUEST_DONE { if {[ASM::microservice] eq "/foo/*a/"} { if { [HTTP::uri] length > X} #trigger ASM custom violation }
None