Last Modified: Jul 12, 2023
Affected Product(s):
BIG-IP APM
Known Affected Versions:
11.2.1, 11.3.0, 11.4.0
Fixed In:
11.5.0, 11.4.1, 11.4.0 HF6, 11.3.0 HF6, 11.2.1 HF8
Opened: May 17, 2013 Severity: 3-Major Related Article:
K70840320
The BIG-IP APM rewrite process may exit and restart when processing uniform resource identifiers (URI) with multiple doubledot (..) characters. As a result of this issue, you may encounter one or more of the following symptoms: -- APM end user requests for portal access resources stall or fail. -- The system generates a rewrite process core file to the /shared/core directory.
The BIG-IP APM system may temporarily fail to process traffic while the system recovers from the rewrite process restarting.
This issue occurs when all of the following conditions are met: -- The BIG-IP APM system is configured for portal access. -- The BIG-IP APM system processes a URI that contains multiple doubledot characters. For example, the following HTML links may cause the rewrite process to exit and restart: <a href="../../../../../../../../../../index.html"/> <a href="xxx/../../../../../../../../../../index.html"/>
This issue has no workaround at this time.
A rewrite plugin crash that could happen when accessing some HTML pages through APM portal access no longer occurs.