Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IQ Web App Security (ASM)
Known Affected Versions:
5.2.0, 5.4.0, 6.0.1, 6.0.1.1, 6.0.1.2, 7.0.0, 7.0.0.1, 7.0.0.2
Opened: Dec 19, 2019 Severity: 3-Major
Changing a parent policy in learning mode, or other learn attributes under policy-builder settings, may not be reflected in child policies after initial deployment to BI-IQ.
There are differences to the child policy after deployment.
On BIG-IP 1. Have a parent policy with disabled learning mode and policy building section that has mandatory inheritance. 2. Have a child policy for the parent from step 1 with wildcard wc/urls. On BIG-IQ: 3. Change parent learning mode to manual 4. Deploy changes 5. Re-deploy
Redeploy the policies to synchronized the child policies with the parent policy changes.
None