Bug ID 504232: Attack signatures are not blocked after signature/set change

Last Modified: Nov 07, 2022

Bug Tracker

Affected Product:  See more info
BIG-IP ASM(all modules)

Known Affected Versions:
11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3

Fixed In:
12.0.0, 11.6.0 HF4

Opened: Feb 02, 2015
Severity: 2-Critical

Symptoms

System wide signature updates, like Attack Signature Update, can cause some security policies to erroneously change their enforcement of attack signatures to Transparent mode.

Impact

A security policy will not block attack signatures that are meant to be blocked.

Conditions

There are security policies in both Transparent and Blocking mode, and there is an update to the system's attack signatures.

Workaround

Toggle the transparent/enforce flag on a security policy, and apply the security policy.

Fix Information

We fixed an issue that caused false positives or a lack of enforcement (such as not blocking) when attack signatures were updated or modified.

Behavior Change