Bug ID 527814: Brute force history averages do not decrease when login requests stop

Last Modified: Mar 17, 2021

Bug Tracker

Affected Product:  See more info
BIG-IP ASM(all modules)

Known Affected Versions:
11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 11.6.1, 11.6.1 HF1, 11.6.1 HF2, 11.6.2, 11.6.2 HF1, 11.6.3,,,,, 11.6.4, 11.6.5,,,, 12.0.0, 12.0.0 HF1, 12.0.0 HF2, 12.0.0 HF3, 12.0.0 HF4

Fixed In:

Opened: Jun 13, 2015
Severity: 3-Major


The calculation of brute force history averages may be wrong, causing the system to incorrectly detect brute force attacks.


False positive brute force attack may be detected.


If the failed login average increases, decreases, and then increases again, the system might detect a false positive brute force attack.



Fix Information

Brute force averages are correctly decreased when an a brute force attack is stopped.

Behavior Change