Last Modified: Jul 12, 2021
Affected Product:
See more info
BIG-IP ASM
Fixed In:
16.1.0
Opened: Apr 22, 2021
Severity: 3-Major
GraphQL queries payload causes lots of false positive signautres.
Lots of false positives.
GraphQL payload arriving to ASM.
N/A
BIG-IP Advanced WAF now supports GraphQL. GraphQL queries are parsed and signatures are applied on the relevant parts of the query, and Advanced WAF can perform introspection mitigation, syntax enforcement, max query depth and additional settings mitigations.