Last Modified: Apr 28, 2025
Affected Product(s):
BIG-IP ASM
Fixed In:
17.5.0
Opened: Aug 07, 2024
Severity: 3-Major
An "Illegal login attempt" violation is triggered for a request to a login page when the authentication type is different from Basic/Digest, for example HTML Form.
A valid login request to the login page will be blocked due to an "Illegal login attempt" violation.
-- Alarm and Block flags are enabled for the "Illegal login attempt" violation, and the login page's Authentication Type is not set to Basic/Digest
None
1) Imported policy with enabled Alarm and Block flags for "Illegal login attempt" violation and login page "/login.php" with Authentication Type = HTML Form, Username=user, Password=pass
2) Sent request: GET /login.php?user=test&pass=1234
Results before fix: Request is blocked with an "Illegal login attempt" violation
Results after fix: No violation detected