Bug ID 687986: High CPU consumption during signature generation, not limited number of signatures per virtual server

Last Modified: Jul 12, 2023

Affected Product(s):
BIG-IP AFM, ASM (all modules)

Known Affected Versions:
13.1.0, 13.1.0.1

Fixed In:
13.1.0.2

Opened: Oct 10, 2017

Severity: 3-Major

Symptoms

The number of signatures per virtual server is not limited. This can result in a very large number of generated signatures during sophisticated attacks that use changing patterns. Over time, after a system has experienced a number of attacks, the list of generated signatures can become too long.

Impact

High CPU utilization when mitigating. Overloaded GUI signatures screen.

Conditions

-- Sophisticated attacks that use changing patterns.
-- System experiences a large number of attacks.

Workaround

Manually remove old / not-often-used signatures.

Fix Information

The system now limits the number of signatures per virtual server, and optimizes per-signature operations.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips