Bug ID 920197: Brute force mitigation can stop mitigating without a notification

Last Modified: Nov 23, 2020

Bug Tracker

Affected Product:  See more info
BIG-IP ASM(all modules)

Known Affected Versions:
14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 14.1.2.5, 14.1.2.6, 14.1.2.7, 14.1.2.8, 15.0.0, 15.0.1, 15.0.1.1, 15.0.1.2, 15.0.1.3, 15.0.1.4, 15.1.0, 15.1.0.1, 15.1.0.2, 15.1.0.3, 15.1.0.4, 15.1.0.5, 15.1.1, 15.1.2, 16.0.0, 16.0.0.1, 16.0.1

Opened: Jun 23, 2020
Severity: 3-Major

Symptoms

A brute force attack coming from an entity (such as an IP address, etc.) may be stopped prematurely.

Impact

At some point, an entity might not be mitigated due to the sheer number of mitigated entities. When this occurs, there is no notification.

Conditions

-- Many brute force attacks are happening at once, coming from many sources. -- Distributed attack is not detected (due to configuration).

Workaround

None.

Fix Information

None

Behavior Change