Last Modified: May 31, 2023
Affected Product(s):
BIG-IP ASM
Known Affected Versions:
11.4.0, 12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 12.1.3.7, 12.1.4, 12.1.4.1, 12.1.5, 12.1.5.1, 12.1.5.2, 12.1.5.3, 12.1.6
Fixed In:
12.0.0
Opened: Jan 05, 2014 Severity: 4-Minor
TS cookies can grow large, and that can have an effect on some servers/web applications.
There are also servers that restricts the total length of the cookie headers, therefore causing the ASM TS cookie to be an issue.
Many server cookies exists are set, causing the ASM main cookie to grow large in order to sign them all.
None
To prevent allowed cookies from growing too large, the system no longer signs explicit or wildcard allowed cookies when it no longer needs to learn the cookie, for example, when the policy builder is turned off.