Bug ID 474256: False positive CSRF violations

Last Modified: Sep 13, 2023

Affected Product(s):
BIG-IP ASM (all modules)

Known Affected Versions:
11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.5.9, 11.5.10, 12.1.0 HF1, 12.1.0 HF2, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2

Fixed In:
12.0.0

Opened: Aug 03, 2014

Severity: 4-Minor

Symptoms

A CSRF script does not iterate over frame links, causing a false positive CSRF violation.

Impact

A false positive CSRF violation.

Conditions

CSRF protection is enabled on a system that has frame links.

Workaround

You can work around this issue by using the URL list in the CSRF protection configuration.

Fix Information

The system now adds the CSRF token to frame links, fixing a false positive CSRF violation issue.
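
The failure mode described above, as an added generic illustration (not F5's script or product code): a token-injecting rewriter that skips frame links leaves the frame request without a token, so the server-side check flags a legitimate request. The parameter name `csrf_token`, the host `app.example`, the sample page and all function names are assumptions.

```javascript
// Added illustration: generic response-rewriting token injection, not F5 code.
const PARAM = "csrf_token"; // hypothetical parameter name

// Constructed sample page: a link, a form and a frame link.
const PAGE =
  '<a href="/account">Account</a>' +
  '<form action="/transfer" method="post"></form>' +
  '<iframe src="/statement?m=9#top"></iframe>';

// Append the token to a URL, keeping any fragment at the end.
function withToken(url, token) {
  const hash = url.indexOf("#");
  const base = hash === -1 ? url : url.slice(0, hash);
  const frag = hash === -1 ? "" : url.slice(hash);
  const sep = base.includes("?") ? "&" : "?";
  return base + sep + PARAM + "=" + encodeURIComponent(token) + frag;
}

// Rewrite link-bearing attributes. coverFrames=false models the reported
// behaviour (frame links skipped); coverFrames=true models the fixed one.
function injectToken(html, token, coverFrames) {
  const tags = coverFrames ? "a|form|frame|iframe" : "a|form";
  const re = new RegExp(
    `(<(?:${tags})\\b[^>]*?\\b(?:href|action|src)=")([^"]*)`, "gi");
  return html.replace(re, (_m, pre, url) => pre + withToken(url, token));
}

// Server-side view: every URL the page links to is requested by the browser;
// a request whose token is missing or wrong counts as a CSRF violation.
function violations(html, token) {
  const urls = [...html.matchAll(/\b(?:href|action|src)="([^"]*)"/gi)]
    .map((m) => m[1]);
  return urls.filter(
    (u) => new URL(u, "https://app.example").searchParams.get(PARAM) !== token
  );
}

// Frame links skipped: the legitimate iframe request is flagged.
console.log(violations(injectToken(PAGE, "t0k", false), "t0k"));
// Frame links covered: no violations.
console.log(violations(injectToken(PAGE, "t0k", true), "t0k"));
```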

Behavior Change
