worapojc
Apr 01, 2022Altostratus
Solved
Does Spring4Shell impacts on F5 AWS WAF?
Hi F5 community,
I'm using these F5 rules for AWS WAF with API Gateway and Application Load Balancer resources.
- F5 Rules for AWS WAF - Common Vulnerabilities and Exposures (CVE)
- F5 Rules for AWS WAF - API Security Rules
How do I know these vulnerabilities are no impact on AWS WAF? or
Has it been fixed in the F5 rules? or
Do I need to create a custom F5 rules to protect these vulnerabilites?
Regards,
Worapoj
All the Support info is here: https://community.f5.com/t5/technical-forum/k24912123-mitigate-the-spring-framework-spring4shell-and-spring/td-p/294047
And, there was a Signiture Update Yesterday - Select Product and Path at https://downloads.f5.com/esd/productlines.jsp