Last Modified: Apr 23, 2020
See more info
BIG-IQ Web App Security (ASM)
Known Affected Versions:
6.1.0, 7.0.0, 18.104.22.168
Opened: Mar 30, 2020
When the BIG-IQ exports an ASM Security Policy to XML, the Response Page: Login Page response is not properly included when set to default value (Default Response).
Response Page: Login Page response information (header and body) are missing from XML. Importing XML into BIG-IP will result in incomplete information for Response Page: Login Page. Note that when BIG-IQ Deploys new policies to BIG-IPs it will export the ASM Security Policy as XML and then import it into the BIG-IP, triggering this issue if the Response Page: Login Page response value is default. This process is an internal process that occurs when a new policy, with default values, is introduced to a BIG-IP via BIG-IQ.
1. ASM Security Policy in BIG-IQ has Response Page: Login Page response set to default value (Default Response). 2. Export ASM Security Policy as XML.
Ensure that ASM Security Policies on BIG-IQ have a Custom Response (instead of Default Response) in the Response Page: Login Page. This Custom Response can contain the exact same headers and body found in the Default Response and do not need to be altered.
Response page login default values are exported to XML as expected. No error is reported in ASM log.