Bug ID 705559: FPS: false positive "no strong integrity param" when none of the configured data-integrity params are present in request

Last Modified: May 14, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP FPS(all modules)

Known Affected Versions:
13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3

Fixed In:
14.0.0, 13.1.0.4

Opened: Feb 06, 2018
Severity: 3-Major

Symptoms

A false positive "no strong integrity param" is sent when none of the configured data-integrity parameters are present in the request.

Impact

A false positive "no strong integrity param" alert is sent.

Conditions

1. a protected URL has at least one parameter configured with data0integrity check enabled 2. enhanced data manipulation is enabled 3. a request without any of the data-integrity parameters is sent to the protected URL

Workaround

There is no workaround at this time.

Fix Information

"No strong integrity param" alert should be suppressed in case that none of the data-integrity parameters were sent. In case that forcing all data-integrity parameters was enabled (tmsh modify sys db antifraud.autotransactions.parameternameintegrity value enable) - the alert will be sent.

Behavior Change