Last Modified: Oct 15, 2025
Affected Product(s):
BIG-IP ASM
Known Affected Versions:
17.5.0, 17.5.1, 17.5.1.2, 17.5.1.3
Opened: Jul 18, 2025 Severity: 3-Major
Users may experience blocking of legitimate login attempts due to incorrect classification of failed logins.
Valid login attempts may be falsely flagged as brute force attacks, triggering enforcement actions such as CAPTCHA or blocking pages, potentially disrupting user access.
Occurs when brute force protection is enabled and login attempts are made to a configured login URL without authentication headers.
None
None