Bug ID 469825: Enforcer may crash when trying to match signatures on body of re-constructed request

Last Modified: Sep 13, 2023

Affected Product(s):
BIG-IP ASM(all modules)

Known Affected Versions:
11.6.2 HF1, 11.4.0, 11.4.1

Fixed In:
11.6.0, 11.5.1 HF5

Opened: Jul 01, 2014

Severity: 2-Critical

Symptoms

The BIG-IP system may temporarily fail to process traffic.

Impact

The BIG-IP system may temporarily fail to process traffic.

Conditions

1. Configure blocking bot detection with fingerprint. 2. Send a POST request without a referrer with some payload that includes a content attack signature that gets a client side challenge response.

Workaround

N/A

Fix Information

We fixed an issue where rarely the Enforcer crashed when trying to match signatures on the body of a re-constructed POST request.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips