Bug ID 555931: Brute Force Attack does not start from new entities

Last Modified: Nov 07, 2022

Affected Product(s):
BIG-IP ASM(all modules)

Known Affected Versions:
12.0.0, 12.0.0 HF1, 12.0.0 HF2, 12.0.0 HF3, 12.0.0 HF4

Fixed In:

Opened: Nov 03, 2015

Severity: 3-Major


An expected brute force attack does not start although the traffic pattern from an IP or to URL seems to be matching the configuration to start an attack.


A brute force attack is not detected and not prevented.


Brute force attack is configured. Failed logins are happening that matches the configuration. The entity (IP/URL) is generating traffic less than 2 minutes.



Fix Information

Brute force attacks on entities that generate traffic for less than 5 minutes detected and mitigated.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips