Last Modified: Nov 07, 2022
Affected Product(s):
BIG-IP ASM
Known Affected Versions:
13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7
Fixed In:
14.1.0, 13.1.0.8
Opened: May 06, 2018 Severity: 3-Major
The measured number of pending requests is two times higher than actual.
Server stress mechanism is more sensitive than planned. A temporary traffic spike can cause unnecessary DoS mitigation start. Note: The admd process provides stress-based DoS detection and mitigation control. When admd is not running, there is no stress-based anomaly detection or behavioral statistics aggregation.
Virtual server configured with a Behavioral DoS profile.
Modify the adm.health.sensitivity value. For example, to change health sensitivity from 50 to 500, run the following command: tmsh modify sys db adm.health.sensitivity value 500
Fixed initial adm flow sampling, so that the measured number of pending requests now equals actual.