Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP ASM
Known Affected Versions:
12.0.0, 12.0.0 HF1, 12.1.0 HF1, 12.0.0 HF2, 12.1.0 HF2, 12.0.0 HF3, 12.0.0 HF4, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2, 12.1.0, 12.1.1, 12.1.2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 12.1.3.7, 12.1.4, 12.1.4.1, 12.1.5, 12.1.5.1, 12.1.5.2, 12.1.5.3, 12.1.6, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1, 13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.2, 13.1.1.3, 14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4, 14.0.0.5, 14.0.1, 14.0.1.1, 14.1.0, 14.1.0.1
Fixed In:
15.0.0, 14.1.0.2, 13.1.1.4
Opened: Sep 30, 2018 Severity: 4-Minor
Users using the Puffin Browser are blocked when accessing the Virtual Server when it is protected with either Proactive Bot Defense (within DoSL7 profile) or with the Bot Defense profile. This applies to all version of the Puffin Browsers: Desktop, Android, iOS.
Users of the Puffin Browser cannot access the website
- Users using the Puffin Browser on Desktop, Android, iOS - Bot Defense Profile, or: DoSL7 profile with Proactive Bot Defense is used while the "Block Suspicious Browsers" checkbox is enabled
None
Users of the Puffin Browser can now access the website that is protected by Bot Defense without getting blocked. For the fix to be applied, both BIG-IP Release and ASU must be installed which contain the fix. Also, it is recommended to enable the following DB variables: tmsh modify sys db dosl7.proactive_defense_validate_ip value disable tmsh modify sys db dosl7.cs_validate_ip value disable