Bug ID 577440: audit logs may show connection to hagel.mnet

Last Modified: May 14, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP TMOS(all modules)

Known Affected Versions:
11.4.1, 11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.2, 11.5.2 HF1, 11.5.3, 11.5.3 HF1, 11.5.3 HF2, 11.5.4, 11.5.4 HF1, 11.5.4 HF2, 11.5.4 HF3, 11.5.4 HF4, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.5.9, 11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 11.6.1, 11.6.1 HF1, 12.0.0, 12.0.0 HF1, 12.0.0 HF2, 12.0.0 HF3, 12.0.0 HF4

Fixed In:
12.1.0, 11.6.1 HF2

Opened: Mar 02, 2016
Severity: 2-Critical

Symptoms

An iControl host header is improperly formatted with the name hagal.mnet The request is properly delivered to the correct host but contains a badly addressed host header that is ignored. If the authorization fails for the icontrol query then the audit log will contain this destination information which may be confusing.

Impact

No impact to functionality but is confusing for log interpretation.

Conditions

Setting up device trust exercises this code path.

Workaround

There is not workaround

Fix Information

When this bug is fixed then the host header is properly formatted with the destination of the iControl request.

Behavior Change