Bug ID 893977: BIG-IQ does not properly export to XML ASM Response Page Login Page default values

Last Modified: Apr 23, 2020

Bug Tracker

Affected Product:  See more info
BIG-IQ Web App Security (ASM)(all modules)

Known Affected Versions:
6.1.0, 7.0.0, 7.0.0.1

Fixed In:
7.1.0

Opened: Mar 30, 2020
Severity: 3-Major

Symptoms

When the BIG-IQ exports an ASM Security Policy to XML, the Response Page: Login Page response is not properly included when set to default value (Default Response).

Impact

Response Page: Login Page response information (header and body) are missing from XML. Importing XML into BIG-IP will result in incomplete information for Response Page: Login Page. Note that when BIG-IQ Deploys new policies to BIG-IPs it will export the ASM Security Policy as XML and then import it into the BIG-IP, triggering this issue if the Response Page: Login Page response value is default. This process is an internal process that occurs when a new policy, with default values, is introduced to a BIG-IP via BIG-IQ.

Conditions

1. ASM Security Policy in BIG-IQ has Response Page: Login Page response set to default value (Default Response). 2. Export ASM Security Policy as XML.

Workaround

Ensure that ASM Security Policies on BIG-IQ have a Custom Response (instead of Default Response) in the Response Page: Login Page. This Custom Response can contain the exact same headers and body found in the Default Response and do not need to be altered.

Fix Information

Response page login default values are exported to XML as expected. No error is reported in ASM log.

Behavior Change