Bug ID 474430: Rare issue: client session might not be restored by fingerprint in the Web Scraping mitigation.

Last Modified: Apr 28, 2025

Affected Product(s):
BIG-IP ASM(all modules)

Known Affected Versions:
11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3

Fixed In:
12.0.0, 11.6.0 HF4

Opened: Aug 05, 2014

Severity: 3-Major

Symptoms

It is possible for a user to restart the ASM session in a rare case.

Impact

Clients can bypass web scraping violations.

Conditions

There are Java-Script obfuscation changes.

Workaround

N/A

Fix Information

We fixed a rare problem in the Web Scraping mitigation, where a client session would not be restored by fingerprint.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips