Last Modified: May 29, 2024
Affected Product(s):
BIG-IP AFM
Known Affected Versions:
15.1.1, 15.1.2, 15.1.2.1, 15.1.3, 15.1.3.1
Fixed In:
17.0.0, 15.1.4
Opened: Apr 19, 2021 Severity: 3-Major
When a DoS profile is attached to a virtual server, the mitigation limit is set to the system limit and not the HSB limit. This causes more packets to be handled by software. Depending on attack size, it could pass up to 200% of the set mitigation limit. This can impact tmm performance.
Tmm performance may be degraded.
-- Dos profile is configured on virtual server. -- Hardware platform that has HSB -- Hardware mitigation is enabled
None
The HSB limit is set to (vector configured mitigation limit) / (number of hsbs on BIG-IP)