Bug ID 420378: Attack Type of "Illegal HTTP Status" violation should be "Information Leakage" instead of "HTTP Parser Attack"

Last Modified: Oct 06, 2020

Bug Tracker

Affected Product:  See more info
BIG-IP ASM(all modules)

Known Affected Versions:
11.3.0, 11.4.0

Fixed In:

Opened: May 02, 2013
Severity: 3-Major
Related AskF5 Article:


The "Illegal HTTP Status" violation is mistakenly reported as an "HTTP Parser Attack" attack type, but it should be an "Information Leakage" attack type.


Wrong attack type.


F5 consultant found "Violation: Illegal HTTP status in response" was marked as "Attack Type: HTTP Parser Attack" please see \\athens\siteconfig\1-188898302\apr_26\Capture.PNG


This issue has no workaround at this time.

Fix Information

The "Illegal HTTP Status" violation is now correctly reported as an "Information Leakage" attack instead of an "HTTP Parser Attack" attack.

Behavior Change