Bug ID 1052173: For wildcard SSRF hosts "Matched Disallowed Address" field is wrong in the SSRF violation.

Last Modified: May 29, 2024

Affected Product(s):
BIG-IP ASM(all modules)

Fixed In:
17.0.0, 16.1.2.2

Opened: Oct 05, 2021

Severity: 3-Major

Symptoms

"Matched Disallowed Address" and "Actual Disallowed Address" both are shown as same "Actual Disallowed Address" only.

Impact

Misleading SSRF violation details

Conditions

- configure wildcard SSRF host

Workaround

None.

Fix Information

None

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips