Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP ASM
Known Affected Versions:
11.6.0, 11.6.1, 11.6.2, 11.6.3, 11.6.3.1, 11.6.3.2, 11.6.3.3, 11.6.3.4, 11.6.4, 11.6.5, 11.6.5.1, 11.6.5.2, 11.6.5.3, 12.0.0, 12.0.0 HF1, 12.1.0 HF1, 12.0.0 HF2, 12.1.0 HF2, 12.0.0 HF3, 12.0.0 HF4, 12.1.1 HF1, 12.1.1 HF2
Fixed In:
13.0.0, 12.1.2 HF1
Opened: Oct 05, 2016 Severity: 3-Major
Not able to detect failed login attempt if ASM policy is case insensitive, and incoming JSON string contains upper case.
Not able to detect failed login attempt if ASM policy is case insensitive, and incoming JSON string contains upper case.
ASM provisioned ASM policy is case-insensitive JSON profile, w/ JSON login parameter with an upper-case character
N/A
We've made sure that JSON login parameter are always treated as case sensitive, regardless of the ASM policy case sensitivity setting.