BIG-IP Advanced WAF and ASM WebSocket security exposure
Discription

BIG-IP Advanced WAF and ASM incorrectly handle certain WebSocket requests.

This issue occurs when the following condition is met:

* BIG-IP Advanced WAF or ASM handles a malicious WebSocket message.

Impact

The attack signature check fails to detect and block requests, as expected of a security policy.

Symptoms

As a result of this issue, some requests are not blocked by Advanced WAF or the BIG-IP ASM system.Read More

Back to Main

Subscribe for the latest news: