Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP ASM
Known Affected Versions:
12.1.0, 12.1.1, 12.1.2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 12.1.3.7, 12.1.4, 12.1.4.1, 12.1.5, 12.1.5.1, 12.1.5.2, 12.1.5.3, 12.1.6
Fixed In:
14.1.0
Opened: May 03, 2018 Severity: 3-Major
A login might get rejected after a lower number of failed logins than is configured for 'Maximum Username Login Retries'. BIG-IP system posts the following error message: 530 Too many failed login attempts by the user.
A legitimate user might be rejected and have to wait until the configured 'Re-enable login' time.
-- The server sends unexpected ingresses that are rejected. -- There is a value specified for 'Maximum Username Login Retries'.
There is no workaround at this time.
This release provides an internal param that, when enabled, causes these unknown ingresses from the server to be ignored. Because of the traffic-specific nature of this issue, use of this internal parameter should occur under the direction of F5 Support.