Last Modified: Nov 07, 2022
Affected Product(s):
BIG-IP ASM, BIG-IQ
Known Affected Versions:
11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.10, 11.5.2, 11.5.2 HF1, 11.5.3, 11.5.3 HF1, 11.5.3 HF2, 11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 12.0.0
Fixed In:
12.1.0, 12.0.0 HF1, 11.6.1, 11.5.4
Opened: Jul 20, 2015 Severity: 3-Major
BIG-IP computes the case-sensitive rest_uuid values for HTTP headers but stores the headers as case-insensitive.
Two identical normalized values may have different rest_uuid.
This is an example: 1. Go to Security>>Application Security>>Headers>>HTTP Headers. 2. Choose 'Custom...' for the name of the header. 3. Create a custom header as follows use name 'Abc' with Capital letter. 4. Remember the ID generated in the JSON element. 5. Delete the header. 6. Create a new custom header and use the name 'abc'. Actual Results: The ID of 'abc' and the ID of 'Abc' are different.
N/A
The REST "id" field is now calculated from the actual values inserted to the entity, and not on the user-input values.
