Bug ID 423821: Learning suggestion for adding explicit enforced cookies to the security policy is missing.

Last Modified: Nov 22, 2021

Bug Tracker

Affected Product:  See more info
BIG-IP ASM(all modules)

Known Affected Versions:
11.3.0

Fixed In:
11.3.0 HF8

Opened: Jun 24, 2013
Severity: 3-Major
Related Article:
K42475342

Symptoms

Learning suggestion for adding explicit enforced cookies to the security policy is missing, despite there being traffic that should trigger such a suggestion.

Impact

The learning suggestion for adding explicit enforced cookies to the security policy will be missing and the policy will be less secure.

Conditions

Cookies that are set by the web server and should not be edited are sent in traffic, and Manual Learning is used in order to build the policy.

Workaround

Manually define the enforced cookies in the policy, rather than relying on learning suggestions.

Fix Information

The system now provides a learning suggestion for adding explicit enforced cookies to the security policy, where applicable.

Behavior Change