Bug ID 941621: Brute Force breaks server's Post-Redirect-Get flow

Last Modified: May 29, 2024

Affected Product(s):
BIG-IP ASM(all modules)

Fixed In:
16.1.0, 16.0.1.1, 15.1.3, 14.1.4, 13.1.4

Opened: Sep 01, 2020

Severity: 3-Major

Related Article: K91414704

Symptoms

Brute Force breaks server's Post-Redirect-Get flow

Impact

Brute Force breaks server's Post-Redirect-Get flow

Conditions

ASM policy is attached to VS Brute force protection is enabled. CSI challenge or Captcha are in use. Server implements Post-Redirect-Get flow.

Workaround

None

Fix Information

Support PRG mechanism in brute force mitigations.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips