Bug ID 719005: Login request may arrive corrupted to the backend server after CAPTCHA or CSID mitigation

Last Modified: Nov 07, 2022

Affected Product(s):
BIG-IP ASM(all modules)

Known Affected Versions:
13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4

Fixed In:
14.1.0, 14.0.0.5, 13.1.0.8

Opened: May 08, 2018

Severity: 3-Major

Symptoms

Login request arrives corrupted (specifically, some of the characters in the payload are changed).

Impact

Login request fails.

Conditions

-- A brute force CAPTCHA or CSID mitigation happens. -- Specific traffic conditions.

Workaround

None.

Fix Information

CAPTCHA or CSID request-handling now works as expected.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips

Have a question?

About F5

Education

F5 sites

Support Tasks

© F5, Inc. All rights reserved. Policies | Privacy | Trademarks