Last Modified: Nov 22, 2021
Opened: Nov 06, 2013
Severity: 3-Major
Overridden signatures on a parameter are ignored after the parameter level is changed. As a result, ASM incorrectly blocks an attack signature on a URL level parameter, when it is specifically configured not to.
ASM incorrectly blocks on an attack signature on an URL level parameter, when it is specifically configured not to.
If parameter level is changed (such as from Global to URL), signature overrides on the parameter will not be used in enforcement.
The parameter can be deleted and re-created. Alternatively, another signature override can be added for the parameter, and then click Apply Policy. (You can remove the additional override and click Apply Policy again afterwards.)
Fixed the configuration of signature overrides after the parameter level is changed.