Bug ID 1088849: Inconsistent behavior while sending malformed request to /TSbd URLs

Last Modified: May 29, 2024

Affected Product(s):
BIG-IP ASM(all modules)

Known Affected Versions:
15.1.4, 15.1.4.1, 15.1.5, 15.1.5.1, 15.1.6, 15.1.6.1, 15.1.7, 15.1.8, 15.1.8.1, 15.1.8.2

Fixed In:
15.1.9

Opened: Mar 22, 2022

Severity: 3-Major

Symptoms

When the BIG-IP system receives crafted/malformed requests to fictive /TSbd URLs, the BIG-IP system behaves in three different ways: -- Displaying a default response page with Support ID -- Reset the connection -- Displaying an alternative response page, e.g. 'Leaked Credentials Detected' OR 'Login Failed').

Impact

Inconsistent behavior for malformed /TSbd fictive URLs.

Conditions

Use malformed /TSbd URLs.

Workaround

None

Fix Information

None

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips