Bug ID 524009: Incorrect parsing of abnormal request headers during DOS attacks

Last Modified: Mar 17, 2021

Bug Tracker

Affected Product:  See more info
BIG-IP ASM(all modules)

Known Affected Versions:
11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 11.6.1, 11.6.1 HF1, 11.6.1 HF2, 11.6.2, 11.6.2 HF1, 11.6.3,,,,, 11.6.4, 11.6.5,,,

Fixed In:

Opened: May 19, 2015
Severity: 4-Minor


When the DOS profile is in use, and a client-side mitigation is active, in some rare cases the request headers were parsed incorrectly, causing valid requests to be reset.


Some valid requests are blocked during the client-side DOS mitigation.


DOS profile is used, DOS attack is active and mitigated using Client-Side Integrity. This is only relevant for the requests which are marked for DOS mitigation.



Fix Information

When mitigating a DOS attack using the Client-Side mitigation, requests with abnormal headers are no longer blocked.

Behavior Change