Last Modified: Dec 14, 2020
Affected Product:
BIG-IP Install/Upgrade
Known Affected Versions:
13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 13.1.1.5, 13.1.3, 13.1.3.1, 13.1.3.2, 13.1.3.3, 13.1.3.4, 14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 14.1.2.5, 14.1.2.6, 14.1.2.7, 15.1.0, 15.1.0.1, 15.1.0.2, 15.1.0.3, 15.1.0.4
Fixed In:
16.0.0, 15.1.0.5, 14.1.2.8, 13.1.3.5
Opened: Nov 11, 2019
Severity: 3-Major
Related AskF5 Article:
K86285055
Global/URL/Flow parameters with the is_sensitive flag set to true are not masked in the Referer header, so their values may be exposed in logs.
The parameter is not masked in the 'Referer' header value in logs, although it is masked in the 'QS' string.
Global/URL/Flow parameters with the is_sensitive flag set to true are defined in the policy. In logs, the value of such a parameter is masked in the QS but exposed in the Referer.
Define the parameters as global sensitive parameters.
After the fix, such parameters are treated like global sensitive parameters and are also masked in the Referer.
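For logs already collected on an affected version, the following added example (not F5 code and not part of the original article) flags records where a sensitive parameter is still readable in the Referer and masks it in both places. The record field names `query_string` and `referer`, the mask token, and the sample record are assumptions constructed for illustration; parameter names are matched exactly.

```python
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

MASK = "********"  # constructed mask token (assumption, not BIG-IP's format)


def mask_query(query, sensitive):
    """Mask the values of sensitive parameters in a raw query string."""
    pairs = parse_qsl(query, keep_blank_values=True)
    masked = [(k, MASK if k in sensitive else v) for k, v in pairs]
    return urlencode(masked, safe="*")  # keep '*' literal in the output


def mask_url(url, sensitive):
    """Mask sensitive parameters in the query component of a full URL."""
    parts = urlsplit(url)
    return urlunsplit(parts._replace(query=mask_query(parts.query, sensitive)))


def sanitize_record(record, sensitive):
    """Return a copy with both the QS field and the Referer masked."""
    clean = dict(record)
    clean["query_string"] = mask_query(record.get("query_string", ""), sensitive)
    if record.get("referer"):
        clean["referer"] = mask_url(record["referer"], sensitive)
    return clean


def referer_leaks(record, sensitive):
    """List sensitive parameters whose value is still readable in the Referer."""
    query = urlsplit(record.get("referer", "")).query
    return sorted(
        k for k, v in parse_qsl(query, keep_blank_values=True)
        if k in sensitive and v and set(v) != {"*"}
    )


# Constructed log record: QS already masked, Referer still in the clear.
SAMPLE = {
    "query_string": "user=alice&token=********",
    "referer": "https://shop.example/login?user=alice&token=s3cr3t-value",
}

if __name__ == "__main__":
    print(referer_leaks(SAMPLE, {"token"}))
    print(sanitize_record(SAMPLE, {"token"})["referer"])
```

Values are re-encoded when the query string is rebuilt, so the sanitized fields may differ in percent-encoding from the original log text.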