For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Andy101's avatar
Andy101
Icon for Nimbostratus rankNimbostratus
Jul 23, 2021

False Positive on AWS WAF F5 Managed Rule F5#OWASP_Managed#rule_div_tag__behavior__Parameter__AllQueryArguments_Body

Hello   I'm not sure if this is a question for AWS support or F5 but I'll start with F5support.   We recently enabled 2 sets of rules on a AWS WAFv2 from F5 (F5-CVE_Managed and F5-OWASP_Manag...
aws
cloud
F5 Cloud Services
waf
gocker99's avatar
gocker99
Icon for Employee rankEmployee
Jul 26, 2021

From the description 'a div tag with a base64 encoded image.' This is a false positive based on the Attack signature regular expression matching on a random string in the bas64 string. You can disable that specific attack signature, but since you cannot control what string occurs when an image is converted to base 64, it would be difficult to prevent. We could give you more info with an example of the request.