Bug ID 424004: BD should not issue "modified asm cookie" on persistant flow cookie that equals 0

Last Modified: Jul 12, 2023

Affected Product(s):
BIG-IP ASM(all modules)

Known Affected Versions:
11.3.0

Fixed In:
11.3.0 HF8

Opened: Jun 26, 2013

Severity: 3-Major

Related Article: K66131120

Symptoms

The customer noticed errornous "Modified ASM cookie" when the login->logout happened on a different web application.

Impact

The impact of this issue is a false violation of "Modified ASM cookie".

Conditions

This issue occurs when you configure a login page enforcing and have two security policies on the same host.

Workaround

This issue has no workaround at this time.

Fix Information

We fixed a TS cookie so that when a login page is configured in the security policy, after a user goes through the logout page, the system no longer erroneously issues the "Modified ASM Cookie" violation as it used to do in a specific scenario.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips