Last Modified: Jul 12, 2023
Affected Product(s):
BIG-IP AFM
Known Affected Versions:
11.4.0, 11.4.1
Fixed In:
11.4.1 HF2, 11.4.0 HF4
Opened: Sep 06, 2013 Severity: 3-Major Related Article:
K11214571
ICMP flood and other ICMP DoS attacks are not detected/mitigated for ICMP traffic that matches a forwarding virtual server (set to All protocols).
ICMP flood (and some other ICMP attack) may not be detected by AFM DoS when virtual server is configured in forwarding mode and protocols is set to 'All Protocols' on the virtual server. This may result in bad traffic being undetected/mitigated as configured by user for corresponding ICMP DoS vectors in AFM
ICMP traffic matches virtual server that is configured in forwarding mode and has protocol set to 'All Protocols'
This issue has no workaround at this time.
ICMP Flood Attack will now be detected by BIG-IP operating in firewall (AFM) mode for a Forwarding Virtual Server with protocol = 'All Protocols'.