Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP ASM
Known Affected Versions:
12.1.0, 12.1.1, 12.1.2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 12.1.3.7, 12.1.4, 12.1.4.1, 12.1.5, 12.1.5.1, 12.1.5.2, 12.1.5.3, 12.1.6, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1
Opened: Sep 10, 2018
Severity: 3-Major
Setting up multiple DoS Application Profiles on the same Virtual Server via either iRules or LTM Policies causes DoSL7 attacks to not be detected or mitigated, if one of the profiles has Behavioral Detection enabled.
DoSL7 attacks are neither detected nor mitigated, and the system gives no indication that detection and mitigation are not taking place.
-- Multiple DoS profiles are configured on a single Virtual Server, either using the iRule DOSL7::enable command, or LTM Policies controlling the DoS profile.
-- One of the DoS profiles on the Virtual Server has Behavioral Detection enabled, even if the Stress-Based Operation Mode is set to Off.
Disable Behavioral Detection on all of the DoS profiles that are directly or indirectly associated with the Virtual Server. If Stress-Based Operation Mode is set to Off, then you might need to temporarily set Stress-Based Operation Mode to Transparent, disable the Behavioral checkboxes, and then set Stress-Based Operation Mode back to Off.
None