Bug ID 520732: XML policy import adds default entities if the relevant element list (in policy xml doc) is specified and empty

Last Modified: Nov 07, 2022

Affected Product(s):
BIG-IP ASM(all modules)

Known Affected Versions:
11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.10, 11.5.2, 11.5.2 HF1, 11.5.3, 11.5.3 HF1, 11.5.3 HF2, 11.5.4, 11.5.4 HF1, 11.5.4 HF2, 11.5.4 HF3, 11.5.4 HF4, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.5.9, 11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8

Fixed In:
12.0.0, 11.6.1

Opened: Apr 30, 2015

Severity: 3-Major

Symptoms

Default entities (File types, Parameters, URLs, Cookies, Signatures, Redirection Domains and Brute Force Log-In URLs) are added to the policy upon XML policy import.

Impact

XML policy import adds default entities if the relevant element list (in policy XML doc) is specified and empty.

Conditions

ASM policy with entities of some type (File types, Parameters, URLs, Cookies, Signatures, Redirection Domains and Brute Force Log-In URLs) deleted (all entities of that type). Export it to XML and then import that XML back - the default entities are added.

Workaround

The relevant element list (in the policy XML doc), that is specified and empty, should be completely removed (from the policy XML doc).

Fix Information

ASM no longer adds default entities if the relevant element list (in the policy XML document) is specified and empty.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips