Bug ID 750631: There may be a latency between session termination and deletion of its associated IP address mapping

Last Modified: May 29, 2024

Affected Product(s):
BIG-IP APM(all modules)

Known Affected Versions:
11.6.3.3, 11.6.3.4, 11.6.4, 11.6.5, 11.6.5.1, 11.6.5.2, 11.6.5.3, 12.1.3.7, 12.1.4, 12.1.4.1, 12.1.5, 12.1.5.1, 12.1.5.2, 12.1.5.3, 12.1.6, 13.1.0.8, 13.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 13.1.1.5, 14.0.0.3, 14.0.0.4, 14.0.0.5, 14.0.1, 14.0.1.1, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 14.1.2.5, 14.1.2.6

Fixed In:
15.0.0, 14.1.2.7, 13.1.3

Opened: Nov 21, 2018

Severity: 3-Major

Symptoms

In SWG, if a new request from a client executes iRule command "ACCESS::session exists" when the session has expired previously, the command will return false. However, if command "ACCESS::session create" is executed following the exist command, the session ID of the previous session may be returned.

Impact

The Access filter will determine that the session ID is stale and, therefore, will redirect the client to /my.policy

Conditions

In SWG, if a new request from a client IP comes into the system right after its previous session has expired.

Workaround

None

Fix Information

N/A

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips