Bug ID 420378: Attack Type of "Illegal HTTP Status" violation should be "Information Leakage" instead of "HTTP Parser Attack"

Last Modified: Jul 12, 2023

Affected Product(s):
BIG-IP ASM(all modules)

Known Affected Versions:
11.3.0, 11.4.0

Fixed In:
11.5.0

Opened: May 02, 2013

Severity: 3-Major

Related Article: K51400053

Symptoms

The "Illegal HTTP Status" violation is mistakenly reported as an "HTTP Parser Attack" attack type, but it should be an "Information Leakage" attack type.

Impact

Wrong attack type.

Conditions

F5 consultant found "Violation: Illegal HTTP status in response" was marked as "Attack Type: HTTP Parser Attack" please see \\athens\siteconfig\1-188898302\apr_26\Capture.PNG

Workaround

This issue has no workaround at this time.

Fix Information

The "Illegal HTTP Status" violation is now correctly reported as an "Information Leakage" attack instead of an "HTTP Parser Attack" attack.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips