Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IQ Web App Security (ASM)
Known Affected Versions:
5.4.0, 6.0.1, 6.0.1.1, 6.0.1.2, 6.1.0, 7.0.0, 7.0.0.1, 7.0.0.2
Opened: Oct 23, 2019 Severity: 3-Major
Settings which had been inherited from a parent policy previously by a child policy but are now customized in the child policy may not be evaluated and consequently deployed to a target BIG-IP.
The change of the inheritance setting from Accept to Decline is properly evaluated and deployed to the target(s); however, all changed formerly inherited settings are neither evaluated nor deployed.
1. Child policy set to Inheritance: Accept 2. Inheritance: Accept is changed to Inheritance: Decline 3. Formerly inherited setting(s) are changed 4. Attempt to Deploy modified Child policy to BIG-IP(s)
After performing the initial evaluate and deploy which deploys the change of inheritance from Accept to Decline, a second evaluate and deploy of the child policy is needed to successfully deploy the changed, formerly inherited, settings as well.
None