Bug ID 1079721: OWASP 2017 A2 Category - Login enforcement link is broken

Last Modified: May 29, 2024

Affected Product(s):
BIG-IP ASM(all modules)

Fixed In:
16.1.3.1

Opened: Feb 09, 2022

Severity: 4-Minor

Symptoms

Under A2 category, Broken Authentication: ‘Login Enforcement: Not fulfilled’ - if you click on the Not fulfilled link you end up with a broken link

Impact

Link is broken, and need to go manually to login enforcement tab in Policy Configuration page

Conditions

1. Go to OWASP page (Security ›› Overview : OWASP Compliance) 2. Collapse Broken Authentication field 3. Click on Login Enforcement protection state link (Fulfilled or Not Fulfilled).

Workaround

Go to the related policy configuration page, click on Session and Logins tab. You will see there the Login Pages section.

Fix Information

None

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips