Last Modified: May 29, 2024
Affected Product(s):
BIG-IP APM
Known Affected Versions:
11.6.3.3, 11.6.3.4, 11.6.4, 11.6.5, 11.6.5.1, 11.6.5.2, 11.6.5.3, 12.1.3.7, 12.1.4, 12.1.4.1, 12.1.5, 12.1.5.1, 12.1.5.2, 12.1.5.3, 12.1.6, 13.1.0.8, 13.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 13.1.1.5, 14.0.0.3, 14.0.0.4, 14.0.0.5, 14.0.1, 14.0.1.1, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 14.1.2.5, 14.1.2.6
Fixed In:
15.0.0, 14.1.2.7, 13.1.3
Opened: Nov 21, 2018 Severity: 3-Major
In SWG, if a new request from a client executes iRule command "ACCESS::session exists" when the session has expired previously, the command will return false. However, if command "ACCESS::session create" is executed following the exist command, the session ID of the previous session may be returned.
The Access filter will determine that the session ID is stale and, therefore, will redirect the client to /my.policy
In SWG, if a new request from a client IP comes into the system right after its previous session has expired.
None
N/A