Last Modified: Sep 02, 2025
Affected Product(s):
BIG-IQ Web App Security (ASM)
Known Affected Versions:
8.3.0
Opened: Jul 05, 2023 Severity: 3-Major
BIG-IQ restjavad log file would show an error similar to the following when importing configuration from a BIG-IP ASM device: [/cm/asm/tasks/discover-config/4e3b4176-308e-4591-8468-4ef9719efdc2/worker AsmDiscoveryTaskWorker] Error while creating 'ASM Policy - Url' 'null' in current-config: http://localhost:8100/cm/asm/current-config/policies/343a57d0-1c6f-36f0-b0a9-fb4647bbe1d5/urls, and while creating 'ASM Policy - Url' 'null' in current-config: http://localhost:8100/cm/asm/current-config/policies/343a57d0-1c6f-36f0-b0a9-fb4647bbe1d5/urls, and while creating 'ASM Policy - Url' 'null' in current-config: http://localhost:8100/cm/asm/current-config/policies/343a57d0-1c6f-36f0-b0a9-fb4647bbe1d5/urls, and while creating 'ASM Policy - Url' 'null' in current-config: http://localhost:8100/cm/asm/current-config/policies/343a57d0-1c6f-36f0-b0a9-fb4647bbe1d5/urls : java.lang.IllegalArgumentException: Duplicate item. Key already exists: protocol : http, name : /test/duplicateUrl In this example, inspecting the affected ASM policy from the BIG-IP ASM that is being imported should reveal that one of the affected URLs would have multiple allowed URL entries for "/test/duplicateUrl", but those entries would have different HTTP request methods.
Unable to import ASM policy configuration from the BIG-IP ASM device.
- Multiple entries in the ASM policy for the same URL but with different HTTP request methods.
The feature for having multiple entries for the same allowed URLs having different HTTP request methods is not yet implemented for BIG-IQ v8.3.0. Avoid using multiple entries for the same allowed URLs. If the feature is absolutely necessary, install an EHF for ID1316593.
None