Last Modified: Nov 07, 2022
Affected Product(s):
BIG-IP ASM
Known Affected Versions:
15.0.0, 15.0.1, 15.0.1.1, 15.0.1.2, 15.0.1.3, 15.0.1.4
Fixed In:
16.0.0
Opened: Jan 23, 2019 Severity: 4-Minor
When OpenApi2 (Swagger) array parameter receives an illegal location, the violation is reported both for the array parameter, and for each element of array.
Excessive "illegal location" violations are reported in log.
- API security policy has an array parameter configured - The array parameter is sent in location different from expected
N/A
ASM code was fixed to report the "illegal location" violation only on the array parameter, not on each element.