Last Modified: Apr 26, 2024
Affected Product(s):
BIG-IP APM
Known Affected Versions:
15.1.9, 15.1.9.1, 15.1.10, 15.1.10.2, 15.1.10.3, 15.1.10.4, 16.1.2, 16.1.2.1, 16.1.2.2, 16.1.3, 16.1.3.1, 16.1.3.2, 16.1.3.3, 16.1.3.4, 16.1.3.5, 16.1.4, 16.1.4.1, 16.1.4.2, 16.1.4.3, 17.1.0, 17.1.0.1, 17.1.0.2, 17.1.0.3, 17.1.1, 17.1.1.1, 17.1.1.2, 17.1.1.3
Opened: Jun 23, 2023 Severity: 3-Major
OAuth bearer SSO is configured with "generate JWT", and the JWT includes claims which take "custom variable" as claim value and string as claim type. The JWT is corrupted where the custom variable is populated in Variable assign agent in the VPE, for some values of custom variable, for example, <'Some long garbage string in the Custom Variable'.>
The JWT token with garbage is added, which later leads to failure of token validation causing failures in accessing applications.
- OAuth bearer SSO configured with Generate JWT. - Add custom variable as claim value, for example, %{session.custom.test} which is populated in Variable assign agent in the VPE.
As insecure custom variable is added and returned to variable assign agent. Add the custom variable as a normal string in claim value and claim type as string instead of adding to the Variable assign agent.
None