Last Modified: Apr 17, 2024
Affected Product(s):
BIG-IP AFM
Known Affected Versions:
15.1.0, 15.1.0.1, 15.1.0.2, 15.1.0.3, 15.1.0.4, 15.1.0.5, 15.1.1, 15.1.2, 15.1.2.1, 15.1.3, 15.1.3.1, 15.1.4, 15.1.4.1, 15.1.5, 15.1.5.1, 15.1.6, 15.1.6.1, 15.1.7, 15.1.8, 15.1.8.1, 15.1.8.2, 15.1.9, 15.1.9.1, 15.1.10, 15.1.10.2, 15.1.10.3, 15.1.10.4
Opened: May 19, 2020 Severity: 2-Critical
There is no FPGA support for vector number 105 (FPGA vector number). This is an L4 DDoS vector that rate limits the number of incorrect TCP ACK Cookies. The vector is commonly referred to as ACK_Cookie_Bad.
This vector is not hardware accelerated. The DDoS mitigation can rely only on software support for this DDoS vector.
This is encountered when a TCP BADACK DDoS vector is detected.
None.
None