f5 AWS WAF CVE coverage

Question

We are looking into blocking three very specific CVE's. I would like to know if they are covered by the f5 managed AWS WAF rules. I do however not wish to specific which in a public forum. Is there somewhere I can ask about coverage of specific CVE's?&nbsp;
/Martin&nbsp;

simon_blakely · Answer

Most of the ASM signatures cover a class (or type) of vulnerability, and are not specifically targeted at a CVE.&nbsp;
For example, many Command Injection vulnerabilities are blocked by ASM because there are signatures for the commands that would be included in an attack ("bash", "cmd.exe" etc).&nbsp;
Newly discovered CVE's that are blocked by existing signatures (i.e Zero Day protection) will not be recorded in any way.&nbsp;
Sometimes ASM rules are created for a specific CVE, and this will be listed in the Signature notes.  
&nbsp;
For a specific CVE, determine if it falls into one the common classes of vulnerabilities such as Command Injection - in which case it should be covered by the F5 Rules for AWS WAF - Web exploits OWASP Rules.&nbsp;
Otherwise (for a framework-specific CVE) it may be covered by F5 Rules for AWS WAF - Common Vulnerabilities and Exposures (CVE)&nbsp;
For more specific queries, you can approach AWS Support as detailed in  
&nbsp;

K21015971: Overview of F5 RuleGroups for AWS WAF&nbsp;

Forum Discussion

f5 AWS WAF CVE coverage

Recent Discussions

Http / https health monitor issue

F5-SDK Get GTM Pool Server, Virtual Server, Unused Objects, and JSON Conversion for Data Processing

F5 DNS Generic Host

How do I create a traffic log for two different route domains?

In Radius auth, how to allow second attempt of token input when the first input is incorrect?

Related Content

F5 rules for AWS WAF Terraform

Protect your AWS API Gateway with F5 BIG-IP WAF

Introduction of IDS and WAF

F5 Hybrid Security Architectures (Part 1 - F5's Distributed Cloud WAF and BIG-IP Advanced WAF)

F5 Rules for AWS WAF

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS