Operational Defect Database

BugZero found this defect 32 days ago.

F5 | 1579553

Signatures triggered for cookies with empty values after upgrade to 17.1.1.1

Last update date:

5/15/2024

Affected products:

BIG-IP

BIG-IP ASM

BIG-IP Install/Upgrade

Affected releases:

17.1.1.1

17.1.1.2

17.1.1.3

Fixed releases:

No fixed releases provided.

Description:

Bug ID 1579553: Signatures triggered for cookies with empty values after upgrade to 17.1.1.1 ... Last Modified: May 15, 2024 ... Symptoms ... A "cc" execution attempt violation is triggered even though it doesn't have any value. ... Impact ... 1. "cc" execution attempt signature enforced. ... 2. Cookie with some "cc" characters in its value followed by a cookie with empty value. ... Workaround ... Rearranging the cookies will not cause violation. ... Fix Information ... None

Additional Resources / Links

Original Vendor Announcement

BugZero® Risk Score

What's this?

Coming soon

Status

New

Search:

...