Bug ID 540390: ASM REST: Attack Signature Update cannot roll back to older attack signatures

Last Modified: Sep 13, 2023

Affected Product(s):
BIG-IP ASM, BIG-IQ(all modules)

Known Affected Versions:
11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.6.0, 12.0.0, 12.0.0 HF1, 12.1.0 HF1, 12.0.0 HF2, 12.1.0 HF2, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2

Fixed In:
12.1.0, 12.0.0 HF3, 11.6.1, 11.5.4

Opened: Aug 18, 2015

Severity: 3-Major


There is no way to roll back to an older attack signature update using the REST interface


REST clients have no way to fully manage Attack Signature Updates for the BIG-IP


REST is used to manage Attack Signature Updates on a BIG-IP device, and an older version than the currently installed file is desired to be installed.


The GUI can be used to roll back to an earlier version

Fix Information

The REST API now includes support for the "allowOlderTimestamp" field to the update-signatures task in order to allow rolling back to an older attack signature update using the REST interface. POST https://<host>/mgmt/tm/asm/tasks/update-signatures/ { "allowOlderTimestamp": true, <Rest of body as usual> }

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips