Bug ID 872849: Signatures in the Web Application Security event logs might not show correct applied blocking masks

Last Modified: Oct 06, 2020

Bug Tracker

Affected Product:  See more info
BIG-IQ Web App Security (ASM)(all modules)

Known Affected Versions:
7.1.0

Fixed In:
7.1.0.1

Opened: Jan 27, 2020
Severity: 3-Major

Symptoms

Violation details of Attack Signature Detected, for a Web Application Security policy, report Applied Blocking Masks that are inconsistent with information reported on the host BIG-IP device.

Impact

The Applied Blocking Masks found in the Web Application Security event logs display the incorrect blocking masks for the signature violation of a Web Application Security policy.

Conditions

1. Generate a Web Application Security signature violation 2. Select the events and view the Application Blocking Masks in the violation details in the Web Application Security Event Logs (Monitoring > EVENTS > Web Application Security > Event Logs > Events). 3. View the Applied Blocking Settings violation details on the host BIG-IP device.

Workaround

N/A

Fix Information

Detected signatures in the Attack Signature Detected violation now show the correct blocking masks in the BIG-IQ Web Application Security event logs.

Behavior Change