Bug ID 638014: ASM end users blocked due to 'ASM Cookie Hijacking' violation after upgrade.

Last Modified: Feb 28, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP ASM(all modules)

Known Affected Versions:
13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1, 13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4

Opened: Jan 10, 2017
Severity: 3-Major

Symptoms

ASM end users blocked due to 'ASM Cookie Hijacking' violation after upgrade.

Impact

ASM end user is blocked for the first request. The next request will pass.

Conditions

- The ASM end user left the browser window open. - The ASM admin upgrades the BIG-IP version to 13.0.0 or later. - The previous software version was earlier than version 13.0.0.

Workaround

Alert ASM end users who encounter the 'ASM Cookie Hijacking' block to attempt their request an additional time.

Fix Information

None

Behavior Change