Last Modified: Apr 28, 2025
Affected Product(s):
BIG-IP APM
Known Affected Versions:
11.6.1, 11.6.1 HF1, 11.6.1 HF2, 11.6.2, 11.6.2 HF1, 11.6.3, 11.6.3.1, 11.6.3.2, 11.6.3.3, 11.6.3.4, 11.6.4, 11.6.5, 11.6.5.1, 11.6.5.2, 11.6.5.3, 12.0.0, 12.0.0 HF1, 12.0.0 HF2, 12.0.0 HF3, 12.0.0 HF4
Fixed In:
12.1.0
Opened: Jan 13, 2016 Severity: 3-Major
SAML authentication requests exceeding 64k caused APD to loop and never complete the transaction.
Incomplete requests consume APD resources eventually requiring a restart of APD.
Authentication requests using the POST method where any POST body parameter exceeds 64000 bytes could not be precessed and APD would loop.
None
POST parameters exceeding the available buffer size are properly detected and the request is aborted.