Bug ID 838277: Attack Signature names updated via ASU do not update in BIG-IQ policies

Last Modified: Oct 06, 2020

Bug Tracker

Affected Product:  See more info
BIG-IQ Web App Security (ASM)(all modules)

Known Affected Versions:
5.4.0, 5.4.0 HF1, 5.4.0 HF2, 6.0.1, 6.0.1.1, 6.0.1.2, 6.1.0, 7.0.0, 7.0.0.1

Opened: Oct 13, 2019
Severity: 3-Major

Symptoms

BIG-IQ Policies created before an ASU file which changes the names of Attack Signatures has been uploaded retain the original Attack Signature names. This results in an inability to alter the modified Attack Signatures in the Policies on BIG-IPs.

Impact

All previous-created policies referencing Attack Signatures with updated names are unable to modify those Attack Signatures. Re-discover/Re-import and Evaluate do not correct this issue. Policies created after the ASU import and deployment are not affected.

Conditions

-- Policy created prior to import of ASU. -- ASU import which alters name of one or more attack signatures. Note that all ASU files are cumulative, containing all changes from previously released ASU files. -- Imported ASU file is then deployed to one or more BIG-IPs.

Workaround

Export and then Import the affected policies on the BIG-IQ updates the affected Attack Signatures to the newly modified names.

Fix Information

None

Behavior Change