Last Modified: Oct 15, 2025
Affected Product(s):
BIG-IP APM
Known Affected Versions:
17.1.1, 17.1.1.1, 17.1.1.2, 17.1.1.3, 17.1.1.4, 17.1.2, 17.1.2.1, 17.1.2.2, 17.1.3
Opened: Feb 18, 2025 Severity: 2-Critical
The request object which contains custom session variables which are filled through iRule and variable assign agent are empty in oauth redirect urls At the time of oauth Request object creation i.e from mcp to tmm oauth_request_item_table is not getting populated in all tmm instances and every time issue identified in a single tmm instance.
Not able to perform oauth
-- BIG-IP APM as OAuth Client, inside Per-Request-Policy. -- Some custom session variables are filled thru variable assign agent and irules. custom session variables are used in oauth request in auth redirect and token redirect params.
None
None