Last Modified: Dec 05, 2024
Affected Product(s):
BIG-IP ASM
Known Affected Versions:
17.1.0.1, 17.1.0.2, 17.1.0.3, 17.1.1, 17.1.1.1, 17.1.1.2, 17.1.1.3, 17.1.1.4
Fixed In:
17.1.2
Opened: Jul 07, 2023 Severity: 3-Major
Misinterpreting Other parameter data types as URI type
The request is blocked along with other parameter data types
-- Configure a policy that contains a parameter with Parameter Value Type = Auto detect and disable the staging. -- Set Illegal parameter data type in Learning and Blocking Settings to block
Modify the DEFAULT_ecard_regexp_uri through asm internal variables /usr/share/ts/bin/add_del_internal, execute the following command /usr/share/ts/bin/add_del_internal add DEFAULT_ecard_regexp_uri '^\\w+:\\/\\/([^\\s@]+@)?([^\\s^\\/]+)(:\\d+)?(\\/[^\\s]*)?' Don't forget to restart ASM to apply changes: bigstart restart asm
None