Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

thekoreanguy's avatar
thekoreanguy
Icon for Altostratus rankAltostratus
Oct 24, 2024

Curious about the ASM Attack Signature Update

When I update signatures through ".im files", some signatures were often deleted. I thought the signatures to be deleted would be "risk : low" or "accuracy : low". But their risk, their accuracy, w...
security
Enes_Afsin_Al's avatar
Enes_Afsin_Al
Icon for MVP rankMVP
Oct 25, 2024

Hi thekoreanhuy,

Looking at the ASM Signatures Release Notes, I see that six signatures have been removed in the last year. There are signatures with the same name but different ids, except "cmmd" signatures.

ASM-AttackSignatures_20240814_183003:
Deleted Information Leakage signature 200009311 for WordPress User Meta Information Disclosure (2)

ASM-AttackSignatures_20240530_071654:
Deleted Predictable Resource Location signature 200010472 for Joomla! webservice endpoint unauthorized access

ASM-AttackSignatures_20240507_152613:
Deleted Command Execution signature 200003079 for "cmmd" execution attempt
Deleted Command Execution signature 200003199 for "cmmd" execution attempt (Header)
Deleted Command Execution signature 200003200 for "cmmd" execution attempt (URI)

ASM-AttackSignatures_20231122_200704:
Deleted Server Side Code Injection signature 200004163 for PHP injection attempt (passthru)