Bug ID 858017: Creating attack signature filter in the Web Application Security policy as a viewer role user

Last Modified: Jul 12, 2023

Affected Product(s):
BIG-IQ Web App Security (ASM)(all modules)

Fixed In:
7.1.0

Opened: Dec 05, 2019

Severity: 4-Minor

Symptoms

User with viewer system privileges only is unable to create advanced filters for Attack Signatures in the subsection of Web Application Security because the Query Parameters are grayed out, however they are able to create advanced filters for Attack Signatures in the global section without issue.

Impact

Certain user roles cannot create an advanced filter for attack signatures list within a Web Application Security policy.

Conditions

1. Create user with role of Web Application Security Viewer and log into BIG-IQ. 2. Go to Configuration -> Security -> Web Application Security -> Attack Signatures. 3. Click the Advanced Filter option and then click Create. 4. Note how the Query parameters can be modified, for example, the Source drop down can be selected 5. Go to Configuration -> Security -> Web Application Security -> any policy -> Attack Signatures 6. Click the Advanced Filter option and then click Create 7. Note the Query parameters cannot be modified, for example, Source drop down is now grayed out.

Workaround

None

Fix Information

Any user can now create Advanced filters for attack signatures within the Web Application Security policy.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips