Bug ID 1013813: Advanced WAF GraphQL support

Last Modified: Nov 22, 2021

Bug Tracker

Affected Product:  See more info
BIG-IP ASM(all modules)

Fixed In:
16.1.0

Opened: Apr 22, 2021
Severity: 3-Major

Symptoms

GraphQL queries payload causes lots of false positive signautres.

Impact

Lots of false positives.

Conditions

GraphQL payload arriving to ASM.

Workaround

N/A

Fix Information

BIG-IP Advanced WAF now supports GraphQL. GraphQL queries are parsed and signatures are applied on the relevant parts of the query, and Advanced WAF can perform introspection mitigation, syntax enforcement, max query depth and additional settings mitigations.

Behavior Change

Have a question?

About F5

Education

F5 sites

Support Tasks

© F5 Networks, Inc. All rights reserved. Policies | Privacy | Trademarks