Bug ID 763001: Web-socket enforcement might lead to a false negative

Last Modified: May 29, 2024

Affected Product(s):
BIG-IP ASM(all modules)

Known Affected Versions:
13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 13.1.1.5, 14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4, 14.0.0.5, 14.0.1, 14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5

Fixed In:
15.0.0, 14.1.0.6, 14.0.1.1, 13.1.3

Opened: Mar 21, 2019

Severity: 3-Major

Related Article: K70312000

Symptoms

A request that should be blocked will be passed to server.

Impact

Bad requests may be passed to the server

Conditions

Parse parameters flag in json profile is enabled. Requests are sent in json websocket.

Workaround

Disable parse parameters flag in json profile

Fix Information

Web-socket enforcement now filters requests as expected.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips