Bug ID 824917: Behavioral DoS dashboard disregards user access rights to virtual servers

Last Modified: Nov 07, 2022

Affected Product(s):
BIG-IP AVR(all modules)

Known Affected Versions:
15.0.0, 15.0.1, 15.0.1.1, 15.0.1.2, 15.0.1.3, 15.0.1.4

Fixed In:
15.1.0

Opened: Sep 11, 2019

Severity: 3-Major

Symptoms

For users that have access to particular partition(s) only, the Behavioral DoS dashboard shows data for all virtual servers, including virtual servers in partitions that this user does not have access to.

Impact

User can see BADOS statistics data related to restricted partitions.

Conditions

-- logged into the GUI as a user which only has access to one partition -- viewing the Behavioral DoS dashboard -- The device has virtual servers on partitions to which the current user has no access.

Workaround

None

Fix Information

Added a mechanism for getting ADM real time data only for virtual servers accessible by the user.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips