Last Modified: Nov 07, 2022
Affected Product:
See more info
BIG-IP ASM, BIG-IQ
Known Affected Versions:
11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.10, 11.5.2, 11.5.2 HF1, 11.5.3, 11.5.3 HF1, 11.5.3 HF2, 11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 12.0.0, 12.0.0 HF1, 12.0.0 HF2
Fixed In:
12.1.0, 12.0.0 HF3, 11.6.1, 11.5.4
Opened: Aug 18, 2015
Severity: 3-Major
There is no way to roll back to an older attack signature update using the REST interface
REST clients have no way to fully manage Attack Signature Updates for the BIG-IP
REST is used to manage Attack Signature Updates on a BIG-IP device, and an older version than the currently installed file is desired to be installed.
The GUI can be used to roll back to an earlier version
The REST API now includes support for the "allowOlderTimestamp" field to the update-signatures task in order to allow rolling back to an older attack signature update using the REST interface. POST https://<host>/mgmt/tm/asm/tasks/update-signatures/ { "allowOlderTimestamp": true, <Rest of body as usual> }
