Bug ID 1084965: Low visibility of attack vector

Last Modified: Dec 18, 2024

Affected Product(s):
BIG-IP LTM(all modules)

Known Affected Versions:
15.1.4, 15.1.4.1, 15.1.5, 15.1.5.1, 15.1.6, 15.1.6.1, 15.1.7, 15.1.8, 15.1.8.1, 15.1.8.2, 15.1.9, 15.1.9.1, 15.1.10, 15.1.10.2, 15.1.10.3, 15.1.10.4, 15.1.10.5, 15.1.10.6

Fixed In:
17.1.1, 16.1.5

Opened: Mar 03, 2022

Severity: 3-Major

Symptoms

The DoS vector FIN 'Only Set' is not triggered and causes lack of visibility of the attack vector.

Impact

There is reduced visibility of possible attacks on the BIG-IP.

Conditions

-- Using BIG-IP Virtual Edition

Workaround

Check 'drop_inv_pkt' with the tmctl table, "tmm/ndal_rx_stats".

Fix Information

None

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips