Bug ID 928685: ASM Brute Force mitigation not triggered as expected

Last Modified: Apr 24, 2024

Affected Product(s):
BIG-IP ASM(all modules)

Fixed In:
16.1.0, 16.0.1.2, 15.1.3, 14.1.4.2, 13.1.4.1

Opened: Jul 20, 2020

Severity: 3-Major

Related Article: K49549213

Symptoms

Under certain conditions the Brute Force mitigation will not be triggered.

Impact

Brute Force mitigation is not triggered as expected.

Conditions

- ASM enabled - Brute Force mitigation enabled

Workaround

The following iRule will look for an issue with the authorization header and will raise an custom violation when this is happening: when ASM_REQUEST_DONE? {     if { [catch { HTTP::username } ] } {?      log local0. "ERROR: bad username";?      ASM::raise bad_auth_header_custom_violation ?    } }

Fix Information

Brute Force mitigation is now triggered as expected.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips