Last Modified: Jul 10, 2026
Affected Product(s):
BIG-IP APM
Known Affected Versions:
17.1.0, 17.1.0.1, 17.1.0.2, 17.1.0.3, 17.1.1, 17.1.1.1, 17.1.1.2, 17.1.1.3, 17.1.1.4, 17.1.2, 17.1.2.1, 17.1.2.2, 17.1.3, 17.1.3.1, 17.1.3.2, 17.5.0, 17.5.1, 17.5.1.2, 17.5.1.3, 17.5.1.4, 17.5.1.5, 17.5.1.6, 21.0.0, 21.0.0.1
Opened: Jun 30, 2026 Severity: 3-Major
- mdmsyncmgr fails to retrieve NonCompliantDevice details from Intune - APM logs show authentication errors during device detail updates: “Authentication error for get all non-compliant devices request” - Azure Blob Storage responds with HTTP 403 AuthenticationFailed and message: “Signature fields not well formed” - Packet capture shows SAS signature truncated in redirected request - Issue correlates with the presence of two newly added HTTP headers in Intune redirect response
- NonCompliantDevice retrieval fails completely - Device compliance data cannot be synchronized from Intune - Affects visibility and enforcement of compliance policies
- BIG-IP APM configured with mdmsyncmgr and Microsoft Intune integration - Intune returns an HTTP 303 redirect to Azure Blob Storage with an SAS token - Redirect response includes additional HTTP headers (recent change on Intune side) - Resulting HTTP request size exceeds internal handling limit (~1515 bytes observed) - mdmsyncmgr follows the redirect (HTTP scheme) and truncates the request payload (~15 bytes lost).
None
None