Bug ID 429434: During L7 DoS attacks with rate-limit mitigation the drop ratio may not increase above 95%

Last Modified: Jul 12, 2023

Affected Product(s):
BIG-IP ASM (all modules)

Known Affected Versions:
11.3.0, 11.4.0, 11.4.1

Fixed In:
11.5.0, 11.4.1 HF2, 11.4.0 HF4, 11.3.0 HF8

Opened: Sep 01, 2013

Severity: 3-Major

Symptoms

During L7 DoS attacks that are mitigated with rate-limit, the drop ratio may remain around 95% and not increase further.

Impact

Some attacking traffic (between 0% and 5%) will reach the back-end server instead of being dropped.

Conditions

This occurs during L7 DoS attacks when the DoS profile has TPS-based or Latency-based enabled and Rate-Limit Mitigation activated.

Workaround

None.

Fix Information

The Rate-Limit Mitigation of L7 DoS attacks now blocks all traffic from attack entities when traffic has increased by 95% or more.
