Last Modified: Sep 13, 2023
Known Affected Versions:
11.6.0, 11.6.1, 11.6.2, 11.6.3, 220.127.116.11, 18.104.22.168, 22.214.171.124, 126.96.36.199, 11.6.4, 11.6.5, 188.8.131.52, 184.108.40.206, 220.127.116.11, 12.1.0 HF1, 12.1.0 HF2, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2
Opened: May 19, 2015 Severity: 4-Minor
When the DOS profile is in use, and a client-side mitigation is active, in some rare cases the request headers were parsed incorrectly, causing valid requests to be reset.
Some valid requests are blocked during the client-side DOS mitigation.
DOS profile is used, DOS attack is active and mitigated using Client-Side Integrity. This is only relevant for the requests which are marked for DOS mitigation.
When mitigating a DOS attack using the Client-Side mitigation, requests with abnormal headers are no longer blocked.