Bug ID 1065681: Sensitive data is not masked under certain conditions.

Last Modified: Apr 26, 2024

Affected Product(s):
BIG-IP ASM(all modules)

Known Affected Versions:
15.1.0,,,,,, 15.1.1, 15.1.2,, 15.1.3,, 15.1.4,, 15.1.5,, 15.1.6,, 15.1.7, 15.1.8,,, 15.1.9,, 15.1.10,,,, 16.1.0, 16.1.1, 16.1.2,,, 16.1.3,,,,,, 16.1.4,,,, 17.0.0,,, 17.1.0,,,, 17.1.1,,,

Opened: Dec 03, 2021

Severity: 3-Major


Sensitive data (or part of it) is visible in the request logs or the remote log.


Sensitive data is visible in the log.


A parameter that is defined as a JSON profile. That profile has the parse parameters flag set.


There are 2 possible workarounds: 1. Make the parameter that contains the json a sensitive parameter. 2. In the json profile attached to the parameter, uncheck the parse parameters flag. You will see a tab of sensitive data added in the UI. In that tab, explicitly add the JSON element as a sensitive element.

Fix Information


Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips