Last Modified: Apr 28, 2025
Affected Product(s):
BIG-IQ Web App Security (ASM)
Known Affected Versions:
5.4.0, 5.4.0 HF1
Fixed In:
5.4.0 HF2
Opened: Feb 04, 2018
Severity: 3-Major
Some users receive a 403 Not Authorized error when attempting to manually accept a policy suggestion generated by the Central Policy Manager.
Non-privileged users cannot manually accept central policy builder suggestions.
This happens for users with the role of Web Application Manager, Web Application Editor, or Security Manager.
Provide users with Administrator role access to manually accept these suggestions.
After installing this fix, you must:
1) Note/record the built-in role names for each of your users and user groups.
2) Execute the /usr/bin/rbac-reset command on each BIG-IQ console device, so that roles are regenerated with the proper access privileges.
3) After the system is back up, add the users and groups back to the built-in roles saved in step 1.

Users with the role of Web Application Manager, Web Application Editor, or Security Manager can now manually accept policy suggestions from the central policy manager.