Last Modified: Jan 19, 2023
Affected Product:
See more info
BIG-IP ASM
Known Affected Versions:
14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 14.1.2.5, 14.1.2.6, 14.1.2.7, 14.1.2.8, 14.1.3, 14.1.3.1, 14.1.4, 14.1.4.1, 14.1.4.2, 14.1.4.3, 14.1.4.4, 14.1.4.5, 14.1.4.6, 14.1.5, 15.1.0, 15.1.0.1, 15.1.0.2, 15.1.0.3, 15.1.0.4, 15.1.0.5, 15.1.1, 15.1.2, 15.1.2.1, 15.1.3, 15.1.3.1, 15.1.4, 15.1.4.1, 15.1.5, 15.1.5.1, 15.1.6, 16.1.0, 16.1.1, 16.1.2, 16.1.2.1, 16.1.2.2, 16.1.3, 17.0.0
Fixed In:
17.0.0.1, 16.1.3.1, 15.1.6.1, 14.1.5.1
Opened: Sep 24, 2020
Severity: 4-Minor
Currently when Device ID is enabled, the BIG-IP system counts stateful anomalies on both IP and Device ID. When a client has a proxy (without XFF), and many requests arrive with the same IP, this can cause false positives
False positives may occur in case of a proxy without XFF
- Bot Defense profile is attached to a virtual server. - Bot Defense profile has "Browser Verification" set to "Verify After Access" or "Device ID Mode" set to "Generate After Access".
None
Stateful anomalies are no longer counted on IP when Device ID is enabled
