Bug ID 474430: Rare issue: client session might not be restored by fingerprint in the Web Scraping mitigation.

Last Modified: Nov 07, 2022

Bug Tracker

Affected Product:  See more info
BIG-IP ASM(all modules)

Known Affected Versions:
11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3

Fixed In:
12.0.0, 11.6.0 HF4

Opened: Aug 05, 2014
Severity: 3-Major

Symptoms

It is possible for a user to restart the ASM session in a rare case.

Impact

Clients can bypass web scraping violations.

Conditions

There are Java-Script obfuscation changes.

Workaround

N/A

Fix Information

We fixed a rare problem in the Web Scraping mitigation, where a client session would not be restored by fingerprint.

Behavior Change