Last Modified: Jul 24, 2024
Affected Product(s):
BIG-IP ASM
Fixed In:
16.1.5
Opened: Feb 15, 2024 Severity: 3-Major
The requests from the same Chrome browser but from different connections can have different TLS fingerprints
The same user will be identified and examined as a different users
Behavioral L7 DOS is configured, BAD actors behavior detection configured with "Use TLS patterns as part of host identification" option. Some good clients or attackers use new versions of Chrome
Don't use "TLS patterns as part of host identification" option"
The requests from the same Chrome browser have different TLS fingerprints