Last Modified: Mar 30, 2023
Affected Product(s):
BIG-IP AFM
Known Affected Versions:
13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 13.1.1.5, 13.1.3, 13.1.3.1, 13.1.3.2, 13.1.3.3, 13.1.3.4, 13.1.3.5, 13.1.3.6, 13.1.4, 13.1.4.1, 13.1.5, 13.1.5.1, 14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4, 14.0.0.5, 14.0.1, 14.0.1.1
Fixed In:
14.1.0
Opened: Jun 19, 2018 Severity: 3-Major
During an attack, MySQL might log IP addresses that are not part of an attack along with the IP addresses that are part of the attack.
The system might log messages related to IP addresses that are not part of the attack. These IP addresses are not part of the attack and may be ignored.
This occurs when the system detects a BadEndpoint attack.
None
The system now tracks a special state that detects which Endpoints are bad, so it ignores the IP addresses that are not part of the attack.
The system now tracks a special state that detects which Endpoints are bad, so it ignores the IP addresses that are not part of the attack. DDoS reports are impacted by being sent out at approximately a 3-second interval as opposed to 1 second intervals using the default configuration.