Bug ID 687984: Attacks with randomization of HTTP headers parameters generates too many signatures

Last Modified: Nov 07, 2022

Affected Product(s):
BIG-IP AFM, ASM(all modules)

Known Affected Versions:
13.1.0, 13.1.0.1

Fixed In:
13.1.0.2

Opened: Oct 10, 2017

Severity: 3-Major

Symptoms

When attackers randomize HTTP headers parameters, Behavioral DoS (BADoS) might generate too many signatures.

Impact

The list of generated signatures is too long. It produces unnecessary CPU utilization for attack mitigation.

Conditions

Attacks with randomization of HTTP headers parameters.

Workaround

None.

Fix Information

Improved algorithm that detects a randomization.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips

Have a question?

About F5

Education

F5 sites

Support Tasks

© F5, Inc. All rights reserved. Policies | Privacy | Trademarks