Last Modified: Apr 28, 2025
Affected Product(s):
BIG-IP ASM
Known Affected Versions:
13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.2, 13.1.1.3, 14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4
Fixed In:
14.1.0, 14.0.0.5, 13.1.1.4
Opened: Jul 31, 2018 Severity: 3-Major
New urls representing javascript functions are learned from response.
Wrong URLs are created and added to the policy (not really interfering with enforcement but adds redundant noise to the policy)
Learn from response is turned on and URLs learning set to 'Always'
Either: - Change URL learning from 'Always' to any of the other learning options (Compact \ Selective \ Never). - Disable learn from response
javacript functions are no longer learned from responses as new URLs.