Last Modified: Nov 15, 2019
Affected Product: BIG-IP ASM
Known Affected Versions:
13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 13.1.1.5, 13.1.3, 13.1.3.1, 13.1.3.2, 14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4, 14.0.0.5, 14.0.1, 14.0.1.1, 14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.4, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 15.0.0, 15.0.1
Opened: Apr 02, 2019
Severity: 4-Minor
When you make a REST API call to /mgmt/tm/asm/policies/euMwbEcwgGlvVz1Gb0XZCA/signatures?$select=enabled,performStaging,inPolicy&$filter=signature/attackType/name%20eq%20%27Buffer%20Overflow%27%20, ASM responds with some signatures that are not in the policy.
Unexpected signatures are returned via the search.
Using ASM REST to search for policy attack signatures by an attribute of the signatures themselves. Example: GET /mgmt/tm/asm/policies/euMwbEcwgGlvVz1Gb0XZCA/signatures?$filter=signature/attackType/name%20eq%20%27Buffer%20Overflow%27
Add 'inPolicy eq true' to the search filter.
None
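The workaround applied in a script that audits policy signatures, as an added example that is not F5's code: it appends `inPolicy eq true` to the search filter and also drops any returned item not marked as in the policy, so an affected version cannot inflate the reported signature coverage. Assumptions: the two filter conditions are joined with `and`, the response is a JSON collection with an `items` array, and the sample response and its `id` values are constructed.

```python
from urllib.parse import quote

# Policy ID taken from the example request on this page.
POLICY_ID = "euMwbEcwgGlvVz1Gb0XZCA"
WORKAROUND = "inPolicy eq true"


def signatures_path(policy_id, attr_filter,
                    select=("enabled", "performStaging", "inPolicy")):
    """Build the signature-search path with the workaround in the filter."""
    full_filter = attr_filter.strip()
    if WORKAROUND not in full_filter:
        # Assumption: conditions are combined with the 'and' operator.
        full_filter = f"{full_filter} and {WORKAROUND}"
    # quote() encodes spaces as %20 and apostrophes as %27, keeping '/'.
    return (f"/mgmt/tm/asm/policies/{policy_id}/signatures"
            f"?$select={','.join(select)}&$filter={quote(full_filter)}")


def only_in_policy(response):
    """Client-side guard: keep items whose inPolicy field is exactly true."""
    return [item for item in response.get("items", [])
            if item.get("inPolicy") is True]


# Constructed sample of what an affected version might return without the
# workaround: one signature that is not part of the policy slips through.
SAMPLE_RESPONSE = {
    "items": [
        {"id": "sig-a", "enabled": True, "performStaging": False, "inPolicy": True},
        {"id": "sig-b", "enabled": False, "performStaging": False, "inPolicy": False},
        {"id": "sig-c", "enabled": True, "performStaging": True, "inPolicy": True},
    ]
}

if __name__ == "__main__":
    print(signatures_path(POLICY_ID,
                          "signature/attackType/name eq 'Buffer Overflow'"))
    print([s["id"] for s in only_in_policy(SAMPLE_RESPONSE)])
```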