For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Chisato_Horimiz's avatar
Chisato_Horimiz
Icon for Nimbostratus rankNimbostratus
Nov 24, 2021

Detail of AWS WAF - Web Exploits Rules by F5's Rule

When we upload the Excel file, it is blocked by Web Exploits Rules by F5's Rule.   please see below WAFlog. ----------------------------------------------------------------------- {"timestamp":...
aws
F5 Rules for AWS WAF
security
boneyard's avatar
boneyard
Icon for MVP rankMVP
Nov 27, 2021

you can download a file here that lists the ID and the type of attack

 

https://devcentral.f5.com/s/articles/f5-rules-for-aws-waf-rule-id-to-attack-type-reference-33105

 

for c0ae2d87-48f1-4813-9e91-3e723f8d7b36 that is Server Side Code Injection

 

so there probably is something inside the excel file that looks like a server side code injection. which i can imagine for files as they can contain all kind of texts that triggers something like that.

 

perhaps someone from the AWS WAF team can provide more details.

Chisato_Horimiz's avatar
Chisato_Horimiz
Icon for Nimbostratus rankNimbostratus
Dec 01, 2021

Thank you for your Answer.