Bug ID 1052173: For wildcard SSRF hosts "Matched Disallowed Address" field is wrong in the SSRF violation.

Last Modified: Nov 14, 2022

Bug Tracker

Affected Product:  See more info
BIG-IP ASM(all modules)

Known Affected Versions:
16.1.0, 16.1.1, 16.1.2, 16.1.2.1

Fixed In:
17.0.0, 16.1.2.2

Opened: Oct 05, 2021
Severity: 3-Major

Symptoms

"Matched Disallowed Address" and "Actual Disallowed Address" both are shown as same "Actual Disallowed Address" only.

Impact

Misleading SSRF violation details

Conditions

- configure wildcard SSRF host

Workaround

None.

Fix Information

None

Behavior Change

Have a question?

About F5

Education

F5 sites

Support Tasks

© F5, Inc. All rights reserved. Policies | Privacy | Trademarks