Last Modified: Jun 28, 2025
Affected Product(s):
BIG-IP ASM, Install/Upgrade
Known Affected Versions:
16.1.5, 16.1.5.1, 16.1.5.2, 16.1.6, 17.1.1, 17.1.1.1, 17.1.1.2, 17.1.1.3, 17.1.1.4, 17.1.2, 17.1.2.1, 17.1.2.2, 17.5.0, 17.5.1
Opened: Apr 03, 2025 Severity: 3-Major
After an upgrade or a re-import, duplicate signature sets denoted by a "_1" are created containing NULL values instead of empty strings.
Additional "duplicate" sets are created every time a policy is re-imported. This does not affect any functionality, but does increase the total configuration size, and makes the configuration more difficult to manage.
A user-defined signature set has an empty string for the tagged signature filter.
You can repair the policy by navigating to “Security ›› Application Security : Policy Building : Learning and Blocking Settings”, clicking on “change”, and choosing the original created sets instead of the duplicated sets. Save, and then apply the policy. The duplicated sets can be deleted after that.
None