Last Modified: Dec 05, 2024
Affected Product(s):
BIG-IP ASM
Known Affected Versions:
16.1.4.1, 16.1.4.2, 16.1.4.3
Fixed In:
17.1.2, 16.1.5
Opened: Nov 16, 2023 Severity: 3-Major
If the "Attribute" in a schema file has an upper case letter, then schema validation fails. This does not apply to "Element", which tries to match exact case.
Requests fail with Violation, even though the Schema file has a specific attribute.
Create a Case insensitive ASM policy. Create an XML Schema profile which has an "Attribute" Tag with at least one upper-case letter in the Attribute name.
Have the "Attribute" tag name with all lower case letters, then the request does not gets blocked.
None