Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP ASM
Known Affected Versions:
13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.2, 13.1.1.3, 14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4
Fixed In:
15.0.0, 14.1.2.1, 14.0.0.5, 13.1.1.4
Opened: Oct 03, 2018 Severity: 3-Major
Brute Force CAPTCHA response page shown to an end-user has a support id and the last digit is truncated.
The support id presented to an end-user won't be matched to the one shown in the asm logs
- ASM Provisioned - ASM policy attached to a virtual server - ASM Brute Force Protection enabled in the asm policy - ASM Brute Force sends captcha mitigation page when a website is under brute force attack.
There is no workaround at this time.
The code is fixed, correct support id is shown in the captcha response page.