Last Modified: Nov 22, 2021
Affected Product(s):
BIG-IP AFM
Known Affected Versions:
12.1.2, 12.1.1, 12.1.0, 12.0.0
Opened: Dec 05, 2014 Severity: 4-Minor
A hardware accelerated auto-blacklist policy assigned to a virtual server will act before policies attached to contexts that would normally act first. In software, Global IPI and ACL act before Route Domain IPI and ACL, and VS IPI and ACL act last. But hardware acts before software, and IPI-enforced auto-blacklisting implemented in HW will act before global and route domain policies implemented in software.
Unexpected order of policy actions.
SPVA, auto-blacklisting enabled in Single Endpoint Sweep vector.
None
None