Bug ID 446774: Wildcard parameter is changed to "Ignore Value" when learning mode is "Add All Entities"

Last Modified: Nov 22, 2021

Bug Tracker

Affected Product:  See more info
BIG-IP ASM(all modules)

Known Affected Versions:
11.4.1

Fixed In:
11.6.0

Opened: Jan 30, 2014
Severity: 3-Major

Symptoms

The system skips significant parameter characteristics checks. The system will not perform checks on the parameter value.

Impact

Skipping significant parameter characteristics checks means temporarily downgrading the security. The system will not perform checks on the parameter value. (When this happens, signatures won't trigger violations against the wildcard parameter.)

Conditions

When learning mode for Parameters is changed to "Add All Entities", the Parameter Value Type for the wildcard parameter is changed to "Ignore Value".

Workaround

Manually change the Parameter Value Type for the wildcard to "User-input value".

Fix Information

When the "Explicit Entities Learning" setting for Parameters is changed to "Add All Entities", we changed the Parameter Value Type for the wildcard parameter from "Ignore value" to "User-input value". This was done in order for signatures to trigger violations against the wildcard parameter.

Behavior Change