Bug ID 648639: TS cookie name contains NULL or other raw byte

Last Modified: Oct 06, 2020

Bug Tracker

Affected Product:  See more info
BIG-IP ASM(all modules)

Known Affected Versions:
12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3,,,,,,, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3

Fixed In:
13.1.0, 13.0.1,

Opened: Mar 02, 2017
Severity: 3-Major
Related AskF5 Article:


The TS cookie name may intermittently contain NULL.


False positives triggered on modified domain cookies.


This can occur intermittently when ASM is provisioned and has a unique combination of security policy name and the server's cookie attributes (path and domain).


To resolve this, change the policy security name.

Fix Information

Fixed an issue with the TS cookie name length.

Behavior Change