Bug ID 522433: ASM REST: Added Missing Fields for Attack Signatures' Scope

Last Modified: Mar 12, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP ASM(all modules)

Known Affected Versions:
11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.2, 11.5.2 HF1, 11.5.3, 11.5.3 HF1, 11.5.3 HF2, 11.5.4, 11.5.4 HF1, 11.5.4 HF2, 11.5.4 HF3, 11.5.4 HF4, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.5.9

Fixed In:
12.0.0

Opened: May 10, 2015
Severity: 3-Major

Symptoms

There is no way to know to which scopes a signature applies, since the signature scope is missing from the REST state.

Impact

REST Clients (such as BIG-IQ) cannot filter Signatures by which context they apply to in order to limit which signatures are relevant to different entity types for overrides.

Conditions

ASM REST is used to view Attack Signatures.

Workaround

No programmatic workaround exists.

Fix Information

The following boolean fields have been added to the attack signature object in ASM REST, and correspond to the scope (Apply To) in the GUI. { "matchesWithinCookie": false, "matchesWithinGwt": false, "matchesWithinHeader": false, "matchesWithinJson": false, "matchesWithinParameter": false, "matchesWithinRequest": false, "matchesWithinResponse": false, "matchesWithinUri": false, "matchesWithinXml": false, }

Behavior Change