For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Icon for Altocumulus rank

Altocumulus

Oct 09, 2024

Solved

Cookie not RFC-compliant - Cookie has no value

After upgrading the ASM to v16.1.5, applications are impacted due to this violation. Cookie: TS01e67e1b=01117c6e19857f90c59bf98aa78f99ae127e515a9e8b98b63394cb861749b60553d9deb146068ba33d4adc4809...

MoFaz
Oct 15, 2024
Hi GDC1-TRG-F5 ,

The article you mentioned in your pose is actually the solution to your issue, specifically point 2 under recommended actions.

K000140792: After upgrading to 17.1.1, 16.1.5, 15.1.10 , BIG-IP AWAF is blocking request with violation 'Cookie is not RFC compliant (cookie has no value)'

Address the cookie value in application. Until then disable violation Cookie not RFC-compliant in learning blocking setting.

Cheers,
Mo

Icon for Moderator rank

Moderator

Oct 21, 2024

Hi GDC1-TRG-F5 ,

I'll be marking this as solution. If I've mistakenly mark this as solution, please share why and any progress to date.

Thanks,

Mo

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 Academy at AppWorld 2026

DevCentral News

Introducing the F5 AI Assistant for BIG-IP

Technical Articles

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5