Bug ID 1043385: No Signature detected If Authorization header is missing padding.

Last Modified: May 29, 2024

Affected Product(s):
BIG-IP ASM(all modules)

Fixed In:
17.0.0,,,, 13.1.5

Opened: Aug 28, 2021

Severity: 3-Major


If the Authentication scheme value in the Authorization header contains extra/missing padding in base64, then ASM does not detect any attack signatures.


Attack signature not detected.


HTTP request with Authorization header contains base64 value with extra/missing padding.



Fix Information

Base64 values with extra/missing padding has been handled to detect attack signature

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips