Operational Defect Database
BugZero found this defect 118 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
F5 | 1490765
Request body can be unordered by bot-defense
Last update date:
4/26/2024
Affected products:
BIG-IP
BIG-IP ASM
Affected releases:
14.1.0
14.1.0.1
14.1.0.2
14.1.0.3
14.1.0.5
14.1.0.6
14.1.2
14.1.2.1
14.1.2.2
14.1.2.3
14.1.2.4
14.1.2.5
Fixed releases:
No fixed releases provided.
Description:
Bug ID 1490765: Request body can be unordered by bot-defense ... Last Modified: Apr 26, 2024 ... Affected Product(s): ... Severity: 2-Critical ... Symptoms ... Certain request body, such as request body from a trusted bot, can be unordered after bot-defense applied its enforcement. ... Impact ... Service or application that receives the unordered request body might not understand the request content and can fail. ... Conditions ... - bot-defense profile is in use - bot-defense performs rDNS lookup for the request - this manifests once in every five minutes ... Workaround
