Last Modified: Nov 07, 2022
Affected Product:
See more info
BIG-IP TMOS
Known Affected Versions:
11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 11.6.1, 11.6.1 HF1, 11.6.1 HF2, 11.6.2, 11.6.2 HF1, 11.6.3, 11.6.3.1, 11.6.3.2, 11.6.3.3, 11.6.3.4, 11.6.4, 11.6.5, 11.6.5.1, 11.6.5.2, 11.6.5.3, 12.0.0, 12.0.0 HF1, 12.0.0 HF2, 12.0.0 HF3, 12.0.0 HF4
Fixed In:
12.1.0
Opened: May 05, 2015
Severity: 3-Major
Each successful login request will create a token. If many tokens are created in a short amount of time, the system might run out of memory.
System becomes unstable as tokens take up more memory. The default configuration for tokens expiration is 20 minutes. Unexpired tokens are kept in memory so creating a large number in a short period might consume all memory.
Logon continuously at a very high speed. Logins must be successful to trigger this condition.
Check that API calls are limited per minute to avoid out of memory resource issues.
The system now guards against creating so many tokens at once that the system runs out of memory.
