BugZero found this defect 1384 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
4/26/2024
BIG-IP
BIG-IP AFM
12.1.0
12.1.1
12.1.2
12.1.3
12.1.3.1
12.1.3.2
12.1.3.3
12.1.3.4
12.1.3.5
12.1.3.6
12.1.3.7
12.1.4
No fixed releases provided.
Bug ID 932553: An HTTP request is not served when a remote logging server is down ... Last Modified: Apr 26, 2024 ... Severity: 4-Minor ... Symptoms ... BIG-IP systems provide an option to sanitize HTTP traffic via the http_security profile. ... When the profile is configured to alarm on a violation, it is possible that a connection to the violating client is reset if a remote logging server is marked down. ... Impact ... -- A TCP connection to a client is reset by the BIG-IP system. -- The web page may not render, or may not render as expected. -- Data are not delivered to a server with a POST request. ... Conditions ... -- A BIG-IP system has an HTTP profile and and an http_security profile with the alarm option set. -- A remote logging server is configured via a BIG-IP pool. -- The pool has a monitor that marks all the pool members down. -- A request with an HTTP violation is processed and triggers an alarm configured in the http_security profile. ... Workaround