Forum Discussion

Cirrostratus

Jul 08, 2025

IDOR and F5

Does F5 block IDOR vulnerability ? i think this is logical authorization flaw which should be fixed from application level as the WAF treat that as normal url . I'm right ? the case is when you chang...

application delivery

security

Injeyan_Kostas

Nacreous

Jul 09, 2025

Hi THE_BLUE

You are right, WAF will stil see a valid request, so no block.

You will need to fixed in app or use a user context aware mechanish like APM
Check this

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

Community Articles

application delivery

CIS

container ingress services

devops

Gateway Fabric

F5 Architecture Track Sessions - AppWorld 2026

DevCentral News

announcement

Appworld2026

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

IDOR and F5

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

Same LTM Monitor applied to different Pools with Common Nodes

irule execution error

F5 AWAF/ASM learning only from Trusted traffic?

OWA File Upload URIs for WAF Bypass

Curl 7.10.5 < 8.12.0 Integer Overflow (CVE-2025-0725)

Related Content

F5 HTTPS Redirect 2025

F5 Threat Report - November 26th, 2025

F5 Threat Report - November 19th, 2025

Introducing the F5 Application Study Tool (AST)

F5 Threat Report - December 10th, 2025

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS