Bug ID 1106937: ASM may skip signature matching

Last Modified: May 29, 2024

Affected Product(s):
BIG-IP ASM(all modules)

Fixed In:
17.1.0, 16.1.4, 15.1.9

Opened: May 17, 2022

Severity: 3-Major

Symptoms

Under certain conditions ASM skips signature matching.

Impact

Signature matching gets skipped.

Conditions

Authorization header type is Bearer. - When input contains less than or more than 3 parts of JWT token values. - When base64 decode fails while decoding JWT token.

Workaround

None

Fix Information

ASM checks for signature matching.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips