Bug ID 767469: Searching ASM Policy Attack Signatures via Rest API can return signatures that are not in the policy

Last Modified: Jul 07, 2020

Bug Tracker

Affected Product:  See more info
BIG-IP ASM(all modules)

Known Affected Versions:
13.1.0,,,,,,,,, 13.1.1,,,,, 13.1.3,,,,, 14.0.0,,,,,, 14.0.1,, 14.1.0,,,,,, 14.1.2,,,,,,, 15.0.0, 15.0.1,,,

Opened: Apr 02, 2019
Severity: 4-Minor


When you make a Rest API call to /mgmt/tm/asm/policies/euMwbEcwgGlvVz1Gb0XZCA/signatures?$select=enabled,performStaging,inPolicy&$filter=signature/attackType/name%20eq%20%27Buffer%20Overflow%27%20, ASM responds with some signatures that are not in the policy.


Unexpected signatures are returned via the search.


Using ASM REST to search for policy attack signatures by an attribute of the signatures themselves. Example: GET /mgmt/tm/asm/policies/euMwbEcwgGlvVz1Gb0XZCA/signatures?$filter=signature/attackType/name%20eq%20%27Buffer%20Overflow%27


Add 'inPolicy eq true' to the search filter.

Fix Information


Behavior Change