Last Modified: May 29, 2024
Affected Product(s):
BIG-IP APM
Known Affected Versions:
14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 14.1.2.5, 14.1.2.6, 14.1.2.7, 14.1.2.8, 14.1.3, 14.1.3.1, 14.1.4, 14.1.4.1, 14.1.4.2, 14.1.4.3, 14.1.4.4, 15.0.0, 15.0.1, 15.0.1.1, 15.0.1.2, 15.0.1.3, 15.0.1.4, 15.1.0, 15.1.0.1, 15.1.0.2, 15.1.0.3, 15.1.0.4, 15.1.0.5, 15.1.1, 15.1.2, 15.1.2.1, 15.1.3, 15.1.3.1, 15.1.4, 15.1.4.1, 16.0.0, 16.0.0.1, 16.0.1, 16.0.1.1, 16.0.1.2, 16.1.2
Fixed In:
17.0.0, 16.1.2.1, 15.1.5, 14.1.4.5
Opened: Sep 18, 2019 Severity: 3-Major
The iRule attached to the OAuth Resource Server (RS) is not triggered when the traffic hits the virtual server.
OAuth scope check agent fails with 'HTTP error 503': as the iRule attached to the RS virtual server is not triggered.
The issue occurs during a reboot of the BIG-IP device containing an OAuth server config and an attached iRule, or when the iRule is initially assigned to the OAuth Server.
For existing OAuth servers with the iRule attached, modify the iRule, for example, adding a log. This makes the iRule trigger when it is initially attached or loaded.
The iRule is triggered when a request comes to the OAuth RS virtual server.