Last Modified: May 29, 2024
Affected Product(s):
BIG-IP ASM
Known Affected Versions:
14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 14.1.2.5, 14.1.2.6, 14.1.2.7, 14.1.2.8, 14.1.3, 14.1.3.1, 15.0.0, 15.0.1, 15.0.1.1, 15.0.1.2, 15.0.1.3, 15.0.1.4, 15.1.0, 15.1.0.1, 15.1.0.2, 15.1.0.3, 15.1.0.4, 15.1.0.5, 15.1.1, 15.1.2, 15.1.2.1, 16.0.0, 16.0.0.1, 16.0.1, 16.0.1.1, 16.0.1.2
Fixed In:
16.1.0, 15.1.3, 14.1.4
Opened: Jul 01, 2020 Severity: 3-Major
False DoS attack detected. Behavioral DoS (ASM) might block legitimate traffic.
False DoS attack detected. Behavioral DoS (ASM) can block legitimate traffic.
This can occur for some requests that have high latency and low TPS.
Modify the default sensitivity value from 50 to 500: tmsh modify sys db adm.health.sensitivity value 500 For some sites with server latency issues, you might also have to increase the health.sensitivity value; 1000 is a reasonable number. The results is that the attack is declared later than for the default value, but it is declared and the site is protected.
Default sensitivity value 500 now illuminates false positive DoS attacks declaration.