Bug ID 632344: POP DIRECTIONAL FORMATTING causes false positive

Last Modified: May 14, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP ASM(all modules)

Known Affected Versions:
12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1

Fixed In:
13.1.0, 12.1.2 HF1

Opened: Dec 07, 2016
Severity: 3-Major
Related AskF5 Article:
K24114230

Symptoms

ASM reports false positive violation for the XML request.

Impact

When one of the following 3 byte chars arrives to the XML parser, the payload considered as malformed XML: LEFT-TO-RIGHT EMBEDDING (202a). RIGHT-TO-LEFT EMBEDDING (202b). POP DIRECTIONAL FORMATTING(202c).

Conditions

This occurs when using "%E2%80%AC" POP DIRECTIONAL FORMATTING as a input in the XML request.

Workaround

None.

Fix Information

This release now supports the following 3 byte chars within the XML parser: LEFT-TO-RIGHT EMBEDDING (202a). RIGHT-TO-LEFT EMBEDDING (202b). POP DIRECTIONAL FORMATTING(202c).

Behavior Change