Last Modified: Nov 22, 2021
Affected Product(s):
BIG-IP ASM
Known Affected Versions:
11.4.1
Fixed In:
11.5.0
Opened: Oct 22, 2013 Severity: 3-Major
A race condition exists that may prevent a new Security Policy from correctly being created on a peer device after the configuration has been pushed.
Configuration between primary device and peer is not synchronized correctly, and a policy may not be enforced as expected in the case of failover.
1) Devices are in a Manual Sync, Failover Device Group with ASM sync enabled. 2) A new policy is created on the active device. 3) The configuration is pushed to the peer.
Make a spurious change to any policy on the primary device, then push the configuration again.
The race condition has been fixed.