Forum Discussion

MVP

Jun 07, 2012

ASM violation: Modified domain cookie(s)

im getting this violation, from the info provided by the ASM it seems to happen when the cookie is first set, am i correct on that? it feels like this is a quite common thing to happen, is it some you...

app sec

BIG-IP Access Policy Manager (APM)

security

BT_90520

Nimbostratus

Jun 12, 2012

actually if you look into ASM attack signature db, do a custom search with string like cookie, you can find the various web attack related attempt e.g. one of them is document.cookie (Headers) as XSS attempt. There are more notes to other online resources and more info...There is info titled with

Summary, Impact, Detailed Information, Affected Systems, Attack Scenarios, Ease of Attack, False Positives, False Negatives, Corrective Action....

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

ASM violation: Modified domain cookie(s)

Recent Discussions

Reporting Help Needed

Switch ssl profile based on weak cipher detection via IRULE

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

full-proxy HTTP2

Related Content

iRule to modify a content-security-policy header

Rate limiting GraphQL API query using iRule and Advanced WAF Violation

modified domain cookies

Separating False Positives from Legitimate Violations

Samesite cookies on 1600's

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS