Last Modified: Nov 07, 2022
Affected Product(s):
BIG-IP FPS
Known Affected Versions:
15.0.0, 15.0.1, 15.0.1.1, 15.0.1.2, 15.0.1.3, 15.0.1.4
Opened: Dec 02, 2018 Severity: 4-Minor
When adding DOM signatures, you are able to specify an invalid hash-ID without error.
hash-ID is successfully inserted to the DOM signatures whitelist. The device will still function and the whitelist is ignored, but the invalid hash ID is still in the configuration and should be removed.
This is encountered when adding a DOM signature using tmsh. Here is an example where a2b2c3d4 is not a valid hash: tmsh modify security anti-fraud profile my1 urls modify { /login.php { malware { whitelist-dom-signatures add { a1b2c3d4 } } } }
add only valid hash-IDs to the DOM signatures whitelist
None
