Bug ID 424004: BD should not issue "modified asm cookie" on persistant flow cookie that equals 0

Last Modified: Nov 22, 2021

Bug Tracker

Affected Product:  See more info
BIG-IP ASM(all modules)

Known Affected Versions:
11.3.0

Fixed In:
11.3.0 HF8

Opened: Jun 26, 2013
Severity: 3-Major
Related Article:
K66131120

Symptoms

The customer noticed errornous "Modified ASM cookie" when the login->logout happened on a different web application.

Impact

The impact of this issue is a false violation of "Modified ASM cookie".

Conditions

This issue occurs when you configure a login page enforcing and have two security policies on the same host.

Workaround

This issue has no workaround at this time.

Fix Information

We fixed a TS cookie so that when a login page is configured in the security policy, after a user goes through the logout page, the system no longer erroneously issues the "Modified ASM Cookie" violation as it used to do in a specific scenario.

Behavior Change