Last Modified: Jul 12, 2023
Affected Product(s):
BIG-IP ASM
Known Affected Versions:
11.2.1, 11.3.0, 11.4.0, 11.4.1
Fixed In:
11.5.0, 11.4.0 HF4, 11.3.0 HF8, 11.2.1 HF10
Opened: Jul 29, 2013 Severity: 3-Major
Under certain circumstances, part of a request that is blocked by ASM may be present in the response to a subsequent non-blocked response.
Requests from different client flows mixed in serverside request flow
2 different clients talking to 2 different VSs on the same device. If one of the clients submits a SOAP request which is blocked due to non-compliance with the schema or WSDL document, or Illegal meta-character in value, then some of the request may be copied into the response body of a client, possibly on a different VS.
N/A
We fixed a scenario where under certain circumstances, part of a request that is blocked by ASM appeared in the response to a subsequent non-blocked response.