Last Modified: Oct 06, 2020
See more info
BIG-IQ Web App Security (ASM)
Known Affected Versions:
5.4.0, 5.4.0 HF1, 5.4.0 HF2, 6.0.1, 22.214.171.124, 126.96.36.199, 6.1.0, 7.0.0, 188.8.131.52
Opened: Oct 23, 2019
Settings which had been inherited from a parent policy previously by a child policy but are now customized in the child policy may not be evaluated and consequently deployed to a target BIG-IP.
The change of the inheritance setting from Accept to Decline is properly evaluated and deployed to the target(s); however, all changed formerly inherited settings are neither evaluated nor deployed.
1. Child policy set to Inheritance: Accept 2. Inheritance: Accept is changed to Inheritance: Decline 3. Formerly inherited setting(s) are changed 4. Attempt to Deploy modified Child policy to BIG-IP(s)
After performing the initial evaluate and deploy which deploys the change of inheritance from Accept to Decline, a second evaluate and deploy of the child policy is needed to successfully deploy the changed, formerly inherited, settings as well.