Does Spring4Shell impacts on F5 AWS WAF?
Hi F5 community,
I'm using these F5 rules for AWS WAF with API Gateway and Application Load Balancer resources.
- F5 Rules for AWS WAF - Common Vulnerabilities and Exposures (CVE)
- F5 Rules for AWS WAF - API Security Rules
How do I know these vulnerabilities are no impact on AWS WAF? or
Has it been fixed in the F5 rules? or
Do I need to create a custom F5 rules to protect these vulnerabilites?
All the Support info is here: https://community.f5.com/t5/technical-forum/k24912123-mitigate-the-spring-framework-spring4shell-and-spring/td-p/294047
And, there was a Signiture Update Yesterday - Select Product and Path at https://downloads.f5.com/esd/productlines.jsp