Bug ID 734241: 'Detection Evasion' violations might not report violation details in their reports or in the GUI

Last Modified: Jun 29, 2021

Bug Tracker

Affected Product:  See more info
BIG-IP ASM(all modules)

Known Affected Versions:
12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 12.1.3.7, 12.1.4, 12.1.4.1, 12.1.5, 12.1.5.1, 12.1.5.2, 12.1.5.3, 12.1.6

Opened: Jul 11, 2018
Severity: 4-Minor

Symptoms

Evasion technique details are not presented in the request log.

Impact

'Detection Evasion' attacks are reported the logs, but there are no violation details to help clarify what actually triggered.

Conditions

This occurs in either of the following scenarios: -- Many evasion techniques occur in a single request. -- The evasion techniques that occur are not set as enabled in the policy configuration.

Workaround

None.

Fix Information

None

Behavior Change