Last Modified: Nov 07, 2022
Affected Product:
See more info
BIG-IP ASM
Known Affected Versions:
11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.10, 11.5.2, 11.5.2 HF1, 11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4
Fixed In:
12.0.0, 11.6.0 HF5, 11.5.3
Opened: Mar 02, 2015
Severity: 3-Major
A reconfiguration or security application attaching to a VIP or a new security policy or other big config change followed by a traffic halting/resetting, a shrinking message in the bd.log followed by A BD crash.
Traffic halted, a failover and traffic resets. BD will startup with the updated configuration in place.
Remote logger with "report anomalies" attached to the virtual, a session transaction attack is on-going and a configuration change of the session transaction configuration together with a custom header (for XFF) configuration. This can happen also when adding new web applications to existing virtual server or attaching existing web application to a virtual server while there is a session transaction attack on a virtual server.
Don't add security policies or attach security policies to a virtual server or reconfigure security policy or change the session transaction configuration together with the custom header configuration while there is a session transaction attack going on a virtual that has remote logger attached.
A crash that happens upon a specific configuration change was fixed.
