Last Modified: Jul 12, 2023
Affected Product(s):
BIG-IP ASM
Known Affected Versions:
13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1, 13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3
Fixed In:
14.0.0, 13.1.0.4
Opened: Nov 09, 2017 Severity: 3-Major
When a request arrives from Firefox running on iOS in desktop mode and without TSPD_101 (proactive bot defense cookie). The big-ip respond with captcha challenge.
Firefox (iOS desktop mode only) end-user presented with captcha challenge.
Dos profile attached to a virtual. Dos profile has application security enabled. Dos profile has proactive bot defense enabled.
Increase proactive bot defense score. list sys db dosl7.browser_legit_min_score_captcha sys db dosl7.browser_legit_min_score_captcha { value "60" }
User agent parser has been changed (adjusted) for the Firefox browser running in desktop mode. The browser is detected as safari pc and the browser version is taken from Mac version number.