Forum Discussion

Nimbostratus

Nov 24, 2021

Detail of AWS WAF - Web Exploits Rules by F5's Rule

When we upload the Excel file, it is blocked by Web Exploits Rules by F5's Rule. please see below WAFlog. ----------------------------------------------------------------------- {"timestamp":...

MVP

you can download a file here that lists the ID and the type of attack

https://devcentral.f5.com/s/articles/f5-rules-for-aws-waf-rule-id-to-attack-type-reference-33105

for c0ae2d87-48f1-4813-9e91-3e723f8d7b36 that is Server Side Code Injection

so there probably is something inside the excel file that looks like a server side code injection. which i can imagine for files as they can contain all kind of texts that triggers something like that.

perhaps someone from the AWS WAF team can provide more details.

Chisato_Horimiz

Nimbostratus

Dec 01, 2021

Thank you for your Answer.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Detail of AWS WAF - Web Exploits Rules by F5's Rule

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

What is Web Cache Exploitation?

ASN Details

CrowdStrike Struck, PHP CVEs, Race to Exploitation Mountain and KEVs

Chrome zero-day fix MS Copilot Log4Shel still being exploited

Cross Site Scripting (XSS) Exploit Paths

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS