Forum Discussion

Nimbostratus

Apr 27, 2014

ASM mitigation for vulnerability in Apache Struts

Does anyone know if ASM provides, or can provide, mitigation for this DOS vulnerability in Apache Struts? https://threatpost.com/apache-warns-of-faulty-zero-day-patch-for-struts/105691 than...

ASM Advanced WAF

security

spud_141786

Nimbostratus

May 02, 2014

Nir Zigler has a good write up here: https://devcentral.f5.com/articles/apache-struts-classloader-manipulation-vulnerabilities

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 Architecture Track Sessions - AppWorld 2026

DevCentral News

announcement

Appworld2026

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

ASM mitigation for vulnerability in Apache Struts

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

UCS Encryption Question

Unblock Request WAF

VIP is not responding on SYN after enabling other modules like ASM, APM and AFM.

VIP in https that redirect to another vip in https

BIG-IP VE: 40G Throughput from 4x10G physical NICs

Related Content

Mitigating Apache Camel Vulnerability CVE-2025–27636 with F5 Products

Mitigating Log4j Vulnerability using F5 BIG-IP

Mitigate Apache strut2 vulnerability, cve-2017-5638

Apache Log4j2 (CVE-2021-44228) mitigation iApp

Traffic Management User Interface Vulnerability: The Fix and Temporary Mitigation Options

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS