Last Modified: May 29, 2024
Affected Product(s):
BIG-IP FPS
Known Affected Versions:
13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 13.1.1.5, 13.1.3, 13.1.3.1, 14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4, 14.0.0.5, 14.0.1, 14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 15.0.0, 15.0.1
Fixed In:
15.1.0, 15.0.1.1, 14.1.2.1, 14.0.1.1, 13.1.3.2
Opened: Jul 11, 2019 Severity: 3-Major
Request signatures are part of the WebSafe signature mechanism. The request signature is achieved by configuring an FPS-protected URL and a corresponding custom-alert. If the URL is a wildcard, a priority must be assigned to determine the order of matching. URL matching by priority is not working properly. As a result, the signature do not work as expected
A portion of WebSafe request signature do not work as expected: -- An alert is sent, though it should not be (false-positive). -- An alert was not sent, though it should be (false-negative).
There is at least one wildcard URL configured by the request signature update file.
Configure the same signature manually in the BIG-IP system's GUI/tmsh.
FPS now correctly handles signature-based wildcard URL's priority.