Last Modified: Apr 10, 2019
See more info
Known Affected Versions:
11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3
12.0.0, 11.6.0 HF4, 11.5.1 HF6, 11.4.1 HF9
Opened: Sep 25, 2014
Related AskF5 Article: K17017
Create a local user (for dynamic user too) starting with upper case. When responding to logon page, user can enter all lower case or upper case or any combination of the same. User gets authenticated, however, for all different combinations of user names, it creates an entry in memcache. Actually there should be only one. So when the user gets deleted, all other entries remains in memcache.
This issue causes dangling memcache entries which does not have accountability.
This issue occurs While entering user name during logon page response.
This issue has no workaround at this time.
While creating memcache entry, we now normalize the username into utf8 lowerecase. This makes sure, there is only one entry for all combination of usernames.