Last Modified: Sep 13, 2023
BIG-IQ Web App Security (ASM)
Opened: Feb 04, 2018 Severity: 3-Major
Some users receive a 403 Not Authorized error when attempting to manually accept a policy suggestion generated by the Central Policy Manager.
Non-privileged users cannot manually accept central policy builder suggestions.
This happens for users with the role of Web Application Manager, Web Application Editor, or Security Manager.
Provide users with Administrator role access to manually accept these suggestions.
After installing this fix, you must: 1) Note/record the built-in role names for each of your users and user groups. 2) Execute the /usr/bin/rbac-reset command on each BIG-IQ console device, so that roles are regenerated with the proper access privileges. 3) After the system is back up, add the users and groups back to the built-in roles saved in step 1. Users with the role of Web Application Manager, Web Application Editor, or Security Manager can now manually accept policy suggestions from the central policy manager.