Bug ID 750689: Request Log: Accept Request button available when not needed

Last Modified: Jul 12, 2023

Affected Product(s):
BIG-IP ASM(all modules)

Known Affected Versions:
13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 13.1.1.5, 14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4, 14.0.0.5, 14.0.1, 14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5

Fixed In:
15.0.0, 14.1.0.6, 14.0.1.1, 13.1.3

Opened: Nov 21, 2018

Severity: 3-Major

Symptoms

There are several violations that make requests unlearnable, but the Accept Request Button is still enabled.

Impact

Accept Request button is available, but pressing it does not change the policy.

Conditions

This occurs in the following scenarios: 1. Request log has requests with following violations that make requests unlearnable: - Threat Campaign detected. - Null character found in WebSocket text message. - Access from disallowed User/Session/IP/Device ID. - Failed to convert character. 2. Subviolations of HTTP protocol compliance fails violation: - Unparsable request content. - Null in request. - Bad HTTP version. 3. Only the following violations are detected: - Access from malicious IP address. - IP address is blacklisted. - CSRF attack detected. - Brute Force: Maximum login attempts are exceeded.

Workaround

None.

Fix Information

The Accept Request button is now disabled when there is nothing to be learned from request.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips