Forum Discussion

Altostratus

Aug 30, 2018

Attack Signatures for CVE-2016-1181

I am working with a application team to protect the app from CVE-2016-1181. Did not see any particular attack signatures for this CVE. Really appreciate If you can provide some insight ont...

ASM Advanced WAF

security

samstep

Cirrocumulus

Sep 02, 2018

My understanding is that the exploit code for this CVE was never published and the vendors (like IBM, SAP etc) simply released a patched version and so did Apache.

Theoretically any exploitation will be detected by ASM's many existing Java Code Injection attack signatures and several OS command execution signatures.

If you are working with the app team the best protection is to patch the backend - patches were released long time ago:

https://www.securityfocus.com/bid/91068

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Attack Signatures for CVE-2016-1181

Jeff - May 2026 Featured F5er

AppWorld Berlin 2026 – iRules Contest Winning Results

One Quick Step to Make your website AI-Agent/MCP Ready with an iRule

Recent Discussions

certitcate error

Layered ASM for APM login page protection

migrate from serie I to R. Cluster LTM-GTM

APM URL encoding Hardening?

Trial License for F5 virtual edition in eve-ng

Related Content

November Security Research Update: Newly Released Attack Signatures

Custom Attack Signatures

Mitigating JSON-based SQL injection with BIG-IP ASM / Advanced WAF Attack Signatures

Wildcard Parameter signature attack

Attack Signature False Positive Mode

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS