Last Modified: Sep 24, 2020
Affected Product:
See more info
BIG-IP LTM
Known Affected Versions:
14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 14.1.2.5, 14.1.2.6, 14.1.2.7, 14.1.2.8, 15.0.0, 15.0.1, 15.0.1.1, 15.0.1.2, 15.0.1.3, 15.0.1.4, 15.1.0, 15.1.0.1, 15.1.0.2, 15.1.0.3, 15.1.0.4, 15.1.0.5
Opened: May 06, 2019
Severity: 3-Major
Requests with content-length 0 are still blocked by protocol compliance profile even if this setting has been disabled.
Violation is reported in event logs that the request is blocked with 'POST request with Content-Length: 0', which should not occur because that option is already disabled.
-- HTTP Protocol Security Profile associated with an LTM virtual server. -- Disable setting 'post-with-zero-length'. -- HTTP POST request with content-length 0 arrives.
None.
None