Forum Discussion

zeropixel_23561's avatar
zeropixel_23561
Icon for Nimbostratus rankNimbostratus
Feb 24, 2016

Does XPath Injection attack signature include XXE in ASM?

In ASM, does XPath injection attack signature include XML External Entity attack? https://www.owasp.org/index.php/XML_External_Entity_%28XXE%29_Processing.

 

It is challenging because the attack signatures hyperlink popups a list of attack signatures, but there is no way to find out what exactly is included for each attack. How do we know if ASM is protecting or not?

 

  • Tikka_Nagi_1315's avatar
    Tikka_Nagi_1315
    Historic F5 Account

    ASM already covers the use of XML External Entities using signature 200018030. You can test to be sure that ASM is protecting.

     

    • Hussein_Ghazy_3's avatar
      Hussein_Ghazy_3
      Icon for Nimbostratus rankNimbostratus

      Hi Tikka

       

      I tested the signature and it is NOT triggered! Any ideas?

       

      Thanks and regards

       

      Hussein

       

  • To add to what Tikka suggested, we have Signature ID 200018030 as well as Signature ID 200018018 that should provide protection against the XML External Entity injection attack vector.