Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP ASM
Known Affected Versions:
12.1.0, 12.1.1
Fixed In:
13.0.0, 12.1.2
Opened: Aug 15, 2016 Severity: 3-Major
When selenium client webdriver is detected running a browser Chrome or Firefox it is not being blocked due to low score being assigned by PBD (Suspicious Browsers) mechanism.
A bot which running selenium Chrome or Firefox webdriver isn't mitigated by DoSL7 PBD mechanism.
This occurs when ASM is provisioned with proactive bot defense enabled.
N/A
Adjusted scoring for selenium detection to trigger CAPTCHA upon an attempt to access a website without TSPD101 cookie (usually occurs upon accessing a website's first page)