Last Modified: Jul 10, 2026
Affected Product(s):
BIG-IP APM, Install/Upgrade
Known Affected Versions:
17.1.3.2, 17.5.1.6, 21.0.0, 21.0.0.1
Opened: May 22, 2026 Severity: 3-Major
After upgrading to BIG-IP 17.5.1.6, all users experience failures with certain requests when an Access Profile is applied to the virtual server. Specifically, SharePoint edits or updates fail, and any request containing curly braces ({ or } or | or \ ) triggers the error: 'Access encountered an error (Operation not supported).' This issue does not occur when the Access Profile is removed or when using standard bracket characters (e.g., ( or )).
This issue has a significant impact, particularly in environments using Microsoft SharePoint/IIS and browsers such as Chrome or Edge, which may send non-encoded curly braces.
Requests contain curly braces ({ or } or | or \ ) in the URI
URI encoding of curly braces ({ ? %7B, } ? %7D) can be handled using an iRule: when HTTP_REQUEST priority 100 { set my_query [HTTP::query] if { ($my_query contains "{") or ($my_query contains "}") or ($my_query contains "|") or ($my_query contains "\"") } { HTTP::query [string map {"{" "%7B" "}" "%7D" "|" "%7C" "\"" "%22"} $my_query] } } This iRule checks for specific characters in the query and replaces them with their encoded equivalents
None