Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP TMOS
Known Affected Versions:
11.6.0, 11.6.1, 11.6.2, 11.6.3, 11.6.3.1, 11.6.3.2, 11.6.3.3, 11.6.3.4, 11.6.4, 11.6.5, 11.6.5.1, 11.6.5.2, 11.6.5.3, 12.0.0, 12.0.0 HF1, 12.1.0 HF1, 12.0.0 HF2, 12.1.0 HF2, 12.0.0 HF3, 12.0.0 HF4, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2
Fixed In:
12.1.0
Opened: May 05, 2015 Severity: 3-Major
Each successful login request will create a token. If many tokens are created in a short amount of time, the system might run out of memory.
System becomes unstable as tokens take up more memory. The default configuration for tokens expiration is 20 minutes. Unexpired tokens are kept in memory so creating a large number in a short period might consume all memory.
Logon continuously at a very high speed. Logins must be successful to trigger this condition.
Check that API calls are limited per minute to avoid out of memory resource issues.
The system now guards against creating so many tokens at once that the system runs out of memory.