Bug ID 1092965: Disabled "Illegal Base64 value" violation is detect for staged base64 parameter with attack signature in value

Last Modified: Mar 30, 2024

Affected Product(s):
BIG-IP ASM(all modules)

Fixed In:
17.1.0, 16.1.4, 15.1.9

Opened: Mar 31, 2022

Severity: 3-Major


An "Illegal Base64 value" violation will be reported for a staged parameter even though Alarm/Blocking/Learning is disabled for this violation.


The violation "Illegal Base64 value" is reported.


- A parameter has to be set to staging mode with base64 decoding. - The Alarm/Blocking/Learning flags has to be disabled for the violation "Illegal Base64 value". - The incoming request has to have the defined parameter in QS with an attack signature that is not base64 encoded in the parameter value.



Fix Information

The violation "Illegal Base64 value" is not reported if Alarm/Blocking/Learning flags are disabled.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips