Last Modified: May 29, 2024
Affected Product(s):
BIG-IP ASM
Known Affected Versions:
13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.2, 13.1.1.3, 14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4, 14.1.0, 14.1.0.1
Fixed In:
15.0.0, 14.1.0.2, 14.0.0.5, 13.1.1.4
Opened: Nov 06, 2018
Severity: 4-Minor
ASM will report "invalid inactivity timeout" suggestions to delete a cookie, even though the cookies are being sent and are valid.
Since non-violating traffic is not sent to the policy engine, the inactivity timeout timer is never reset, which will eventually lead to suggestions to delete the inactive cookie entities. These suggestions are erroneous because valid cookies are being sent in the traffic.
- Inactivity timeout feature is configured in Policy Builder
- Cookie entity is configured in the policy
- Valid, non-violating traffic containing cookies is passed
Ignore the inactive entity suggestions for cookies.
Inactivity learning for cookies has been deprecated; the feature does not cover cookies anymore.