Bug ID 702350

Bug Tracker
ID 702350

Bug ID 702350: FingerPrint JS might be injected although it is disabled in all ASM features, and no DoS

Last Modified: Sep 13, 2023

Affected Product(s):
BIG-IP ASM(all modules)

Known Affected Versions:
12.1.2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 12.1.3.7, 12.1.4, 12.1.4.1, 12.1.5, 12.1.5.1, 12.1.5.2, 12.1.5.3, 12.1.6

Opened: Jan 17, 2018

Severity: 4-Minor

Symptoms

Fingerprinting is injected while no ASM feature using it is asking for it.

Impact

FingerPrint JS is injected for each request.

Conditions

-- Web-scraping is configured in the policy history. -- Policy iss configured using REST.

Workaround

1. Turn on Bot detection and click Save. 2. Turn off Bot detection, FP flag, and suspicious clients detection, and click Save. 3. Apply Policy.

Fix Information

None

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips