Bug ID 808889: DoS vector or signature stays hardware-accelerated even when traffic rate is lower than mitigation threshold

Last Modified: Oct 16, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP AFM(all modules)

Known Affected Versions:
13.1.0,,,,,,,,, 13.1.1,,,,,, 13.1.3,, 14.0.0,,,,,, 14.0.1, 14.1.0,,,,,,, 14.1.2,, 15.0.0, 15.0.1

Opened: Jul 24, 2019
Severity: 3-Major


Incorrect hw_offload status for DoS vector or signature in tmctl dos_stat after the attack has stopped.


DoS vector/signature stays hardware-accelerated.


BIG-IP system with DoS-accelerated vectors support (SPVA support).


After attack, change the state for DoS vector/signature to detect-only. Then return vector state to mitigate.

Fix Information


Behavior Change