Bug ID 564324: ASM scripts can break applications

Last Modified: Sep 13, 2023

Affected Product(s):
BIG-IP ASM(all modules)

Known Affected Versions:
11.6.0, 11.6.1, 11.6.2, 11.6.3, 11.6.3.1, 11.6.3.2, 11.6.3.3, 11.6.3.4, 11.6.4, 11.6.5, 11.6.5.1, 11.6.5.2, 11.6.5.3, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6

Fixed In:
13.0.0, 12.1.3.7

Opened: Dec 22, 2015

Severity: 3-Major

Symptoms

ASM originated scripts are injected into places where they are not supposed to be, causing the script not to work and/or the application to break.

Impact

Application malfunctions, shows javascrip errors

Conditions

ASM is in front of a single page application, where injection is possible only for the main page. \ ASM has the CSRF or web scraping feature enabled.

Workaround

Turn off the relevant feature that causes the injection.

Fix Information

None

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips