Last Modified: Oct 15, 2025
Affected Product(s):
BIG-IP AFM
Known Affected Versions:
17.1.0, 17.1.0.1, 17.1.0.2, 17.1.0.3, 17.1.1, 17.1.1.1, 17.1.1.2, 17.1.1.3, 17.1.1.4, 17.1.2, 17.1.2.1, 17.1.2.2
Fixed In:
17.5.1.3, 17.1.3
Opened: Apr 03, 2025 Severity: 3-Major
When configuring AFM DoS vector protections, the bad actor threshold cannot be set below 0.1% for the configured DoS vector rate threshold. This restriction may prevent users from tailoring thresholds for large-scale environments with high user volume and low per-user traffic.
Prevents deployment of granular bad actor detection in high-scale environments where per-source traffic is significantly lower than 0.1% of the total DoS vector threshold. This impacts the ability to accurately detect and mitigate abusive sources without affecting normal user behaviour.
AFM DoS Profile with per-source (bad actor) detection enabled. Bad actor threshold configured less than 0.1% for vector rate threshold.
None
Reduced bad actor threshold enforcement to allow configuration below 0.1% for the vector threshold (up to 0.01%), enabling finer-grained control over source detection in large-scale deployments.