Last Modified: Oct 09, 2024
Affected Product(s):
BIG-IP ASM
Known Affected Versions:
15.1.9, 15.1.9.1, 15.1.10, 15.1.10.2, 15.1.10.3, 15.1.10.4, 15.1.10.5, 16.1.3, 16.1.3.1, 16.1.3.2, 16.1.3.3, 16.1.3.4, 16.1.3.5, 16.1.4, 16.1.4.1, 16.1.4.2, 16.1.4.3, 17.1.0, 17.1.0.1, 17.1.0.2, 17.1.0.3, 17.1.1, 17.1.1.1, 17.1.1.2, 17.1.1.3, 17.1.1.4
Fixed In:
16.1.5
Opened: Oct 04, 2023 Severity: 4-Minor
"Leaked Credentials Detection" action unexpectedly modified after XML-format policy export and re-import.
"Leaked Credentials Action" is modified to default "Alarm and Blocking Page" after reimporting policy.
Create a /login.php and set the Leaked Credentials Action to "Alarm and Leaked Credential Page"/"Alarm and HoneyPot Page". Export and reimport the policy in XML format.
Policy can be exported and reimported in Binary format. Issue is not seen with Binary format.
Fixed an issue with Leaked Credentials Detection.