For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Icon for Nimbostratus rank

Nimbostratus

May 02, 2017

ASM mitigation for vulnerability in Apache Struts1(CVE-2016-1181)

Can you please give me information on ASM mitigation for vulnerability in Apache Struts1(CVE-2016-1181)?

application delivery

ASM Advanced WAF

4 Replies

Snl
Cirrostratus
May 02, 2017
have you gone through below link K40444230
yamashin55
Cirrus
May 02, 2017
I also want to solve this problem. I have a vulnerability in Apache Struts1(CVE-2016-1181) on my WEB server.

My BIG-IP is running the LTM+ASM.

Can I defend the vulnerability on Web Server with ASM's custom signature?
Spirospero_3352
Nimbostratus
Oct 03, 2017
I also want to defend this problem using an ASM signature. Yes, I have looked at all the upgrade fixes, but unfortunately we cannot manage to fit a release in as soon as we would like. Hence it would be ideal if we could mitigate the issue using an ASM signature until the fix can be released.
- mtojo
  Nimbostratus
  Oct 03, 2017
  I wait for formal ASM signature release.Thank you very much.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 Academy at AppWorld 2026

DevCentral News

Introducing the F5 AI Assistant for BIG-IP

Technical Articles

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5