Last Modified: Sep 14, 2023
Affected Product(s):
BIG-IP AFM, ASM
Known Affected Versions:
13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 13.1.1.5, 13.1.3, 13.1.3.1, 13.1.3.2, 13.1.3.3, 13.1.3.4, 13.1.3.5, 13.1.3.6, 13.1.4, 13.1.4.1, 13.1.5, 13.1.5.1, 14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4, 14.0.0.5, 14.0.1, 14.0.1.1, 14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 14.1.2.5, 14.1.2.6, 14.1.2.7, 14.1.2.8, 14.1.3, 14.1.3.1, 14.1.4, 14.1.4.1, 14.1.4.2, 14.1.4.3, 14.1.4.4, 14.1.4.5, 14.1.4.6, 14.1.5, 14.1.5.1, 14.1.5.2, 14.1.5.3, 14.1.5.4, 14.1.5.6
Fixed In:
15.0.0
Opened: Oct 08, 2018 Severity: 4-Minor
- When adding an fqdn to the address list in a DoS profile or shared objects, we can get this message if an FQDN policy is not configured: 01070734:3: Configuration error: Please configure a dns-resolver under global-fqdn-policy. However, if AFM is not provisioned, then an fqdn policy cannot even be configured. - HTTP (DoSL7) section of the DoS profile only supports single IP addresses, and IP with netmask. - DNS/SIP/Network sections of the DoS profile only support single IP addresses, IP ranges, and FQDN.
- Some of the entries in the address whitelist may not be applied in the DoS profile. - Confusing error messages
DoS profile is configured and IP whitelist contains IP ranges, netmasks, or FQDN.
- For HTTP (DoSL7) section of the DoS profile, use only Single IP addresses, or IP network + netmask. - For DNS/SIP/Network sections of the DoS profile, use only Single IP addresses, IP ranges, or FQDN.
None