Bug ID 521572: Overly aggressive API use can lead to system instability.

Last Modified: Nov 07, 2022

Bug Tracker

Affected Product:  See more info
BIG-IP TMOS(all modules)

Known Affected Versions:
11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 11.6.1, 11.6.1 HF1, 11.6.1 HF2, 11.6.2, 11.6.2 HF1, 11.6.3,,,,, 11.6.4, 11.6.5,,,, 12.0.0, 12.0.0 HF1, 12.0.0 HF2, 12.0.0 HF3, 12.0.0 HF4

Fixed In:

Opened: May 05, 2015
Severity: 3-Major


Each successful login request will create a token. If many tokens are created in a short amount of time, the system might run out of memory.


System becomes unstable as tokens take up more memory. The default configuration for tokens expiration is 20 minutes. Unexpired tokens are kept in memory so creating a large number in a short period might consume all memory.


Logon continuously at a very high speed. Logins must be successful to trigger this condition.


Check that API calls are limited per minute to avoid out of memory resource issues.

Fix Information

The system now guards against creating so many tokens at once that the system runs out of memory.

Behavior Change