Last Modified: Jul 12, 2023
Affected Product(s):
BIG-IP ASM
Known Affected Versions:
11.3.0
Fixed In:
11.3.0 HF8
Opened: Jun 24, 2013 Severity: 3-Major Related Article:
K42475342
Learning suggestion for adding explicit enforced cookies to the security policy is missing, despite there being traffic that should trigger such a suggestion.
The learning suggestion for adding explicit enforced cookies to the security policy will be missing and the policy will be less secure.
Cookies that are set by the web server and should not be edited are sent in traffic, and Manual Learning is used in order to build the policy.
Manually define the enforced cookies in the policy, rather than relying on learning suggestions.
The system now provides a learning suggestion for adding explicit enforced cookies to the security policy, where applicable.