BugZero | F5 BugID 748851 - Bot Detection injection include tags which may cau...

F5 - Defect ID: 748851

Bot Detection injection include tags which may cause faulty display of application

F5 - Defect ID: 748851

Bot Detection injection include tags which may cause faulty display of application

Last updated on November 15th, 2025

BugZero Risk Score
6.9 Medium

Overall: 6.9

Severity: 7.3

Community: 4.2

Lifecycle: 8.3

What is the BugZero Risk Score?

F5 Integration

Learn more about where this data comes from

F5 Integration

Learn more

Bug Scrub Advisor

Streamline upgrades with automated vendor bug scrubs

Bug Scrub Advisor

Learn more

BugZero Enterprise

Wish you caught this bug sooner? Get proactive today.

BugZero Enterprise

Learn more

Bug Details

Priority: 3-Major
Status: Verified
Impact Category: Application Security Manager
Views: 4

Description

Symptoms

The Bot Detection feature / Bot Defense profile includes JavaScript which is injected within <APM_DO_NOT_TOUCH> tags. Some web applications may be displayed incorrectly due to these tags.

Impact

Some web applications may be displayed incorrectly.

Conditions

- Your application includes JavaScript which dynamically adds HTML elements and expects a certain set of tags in the <head> section of the HTML. - Bot Detection / Bot Defense are enabled.

Workaround

None

Fix Information

There is now an ASM Internal Parameter 'inject_apm_do_not_touch' and a db variable 'asm.inject_apm_do_not_touch', which can be disabled (modify sys db asm.inject_apm_do_not_touch value false) to prevent the <APM_DO_NOT_TOUCH> tag from being injected, thus allowing the application to be displayed correctly.

Behavior Change

This release provides an ASM Internal Parameter 'inject_apm_do_not_touch', and a db variable 'asm.inject_apm_do_not_touch', which can be disabled (the default is enabled) to prevent the <APM_DO_NOT_TOUCH> tag from being injected, thus allowing the application to be displayed correctly. To disable db variable, run the following command: modify sys db asm.inject_apm_do_not_touch value false

Change history

2025-04-28 Added: 13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.2, 13.1.1.3, 14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4, 14.0.0.5, 14.0.1, 14.0.1.1, 14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 14.1.2.5, 14.1.2.6, 14.1.2.7, 14.1.2.8, 14.1.3, 14.1.3.1, 14.1.4, 14.1.4.1, 14.1.4.2, 14.1.4.3, 14.1.4.4, 14.1.4.5, 14.1.4.6, 14.1.5, 14.1.5.1, 14.1.5.2, 14.1.5.3, 14.1.5.4, 14.1.5.6

Relevant Products

Click on a version to see all relevant bugs

Affected versions:13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.2, 13.1.1.3, 14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4, 14.0.0.5, 14.0.1, 14.0.1.1, 14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 14.1.2.5, 14.1.2.6, 14.1.2.7, 14.1.2.8, 14.1.3, 14.1.3.1, 14.1.4, 14.1.4.1, 14.1.4.2, 14.1.4.3, 14.1.4.4, 14.1.4.5, 14.1.4.6, 14.1.5, 14.1.5.1, 14.1.5.2, 14.1.5.3, 14.1.5.4, 14.1.5.6

Fixed versions: 15.0.0, 13.1.1.4

Relevant Products

Click on a version to see all relevant bugs

Fixed versions: 15.0.0, 13.1.1.4

Top F5 Defects

9.6Defect ID: 546260
TMM can crash if using the v6rd profile
9.6Defect ID: 740969
Menu visibility issue with newly activated license.
9.6Defect ID: 2141205
Tpm-status returns: "System Integrity: Invalid" for some Engineering Hotfixes
9.4Defect ID: 1116845
Interfaces using the xnet driver are not assigned a MAC address
9.4Defect ID: 1399369
While upgrading or rebooting an rSeries appliance that is running a standby BIG-IP tenant, the tenant goes active, causing the active peer tenant to go standby

Ready to prevent the next vendor outage?

Get a demo

F5 - Defect ID: 748851

Bot Detection injection include tags which may cause faulty display of application

F5 - Defect ID: 748851

Bot Detection injection include tags which may cause faulty display of application

Last updated on November 15th, 2025

BugZero Risk Score6.9 Medium

Bug Details

Symptoms

Impact

Conditions

Workaround

Fix Information

Behavior Change

Top F5 Defects

Ready to prevent the next vendor outage?

Links

BugZero Risk Score
6.9 Medium