Bug ID 737597: AVR DoS Attack report misses virtual server name in a specific config

Last Modified: Jun 30, 2021

Bug Tracker

Affected Product:  See more info
BIG-IP AFM(all modules)

Known Affected Versions:
12.0.0, 12.0.0 HF1, 12.0.0 HF2, 12.0.0 HF3, 12.0.0 HF4, 12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3,,,,,,,

Fixed In:

Opened: Jul 19, 2018
Severity: 3-Major


In Security :: Reporting : DoS : Network, the report shows the attack, but categorizes the attack under 'Aggregated' in the Virtual Server name value, rather than the actual name of the Virtual Server on which the attack is happening.


AVR report missing the Virtual Server information.


-- A Virtual Server is configured with a IP/Subnet range. For example, -- Virtual Server with Destination Address: (meaning the destination range is - -- Destination Address of the Client Traffic and Attack: View AVR Reporting, which does not resolve the to any specific Virtual Server, but instead categorizes the attack as 'Aggregate'.



Fix Information


Behavior Change