Last Modified: Apr 28, 2025
Affected Product(s):
BIG-IP ASM
Known Affected Versions:
12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 12.1.3.7, 12.1.4, 12.1.4.1, 12.1.5, 12.1.5.1, 12.1.5.2, 12.1.5.3, 12.1.6
Opened: Nov 06, 2016 Severity: 4-Minor
Two users cannot create policies at the same time.
Policy from one user can overwrite another's. Can also affect who can de-activate a policy.
-- Two users with admin authority are logged onto the GUI. -- Both begin creating separate ASM policies with distinct options. For instance: - User 'wafadmin1' logs in first. - User 'wafadmin2' logs in second. - Both are creating policies. - When wafadmin2 submits the policy, it's being overwritten by policy details given by wafadmin1. - Only user wafadmin1 can de-activate a policy; for other users the option itself is grayed out.
Have only one user at a time create/modify/delete policies.
None