F5 doesn't signatures for cve

Question

f5 doesn't have signatures for below : CVE-2023-42627CVE-2024-26272CVE-2023-33945&nbsp;&nbsp;could you help me to create custom signatures?&nbsp;

zamroni777 · Answer

i see that liferay uses tomcat and MariaDB, MySQL, Oracle or&nbsp;PostgreSQL database.https://learn.liferay.com/web/guest/w/dxp/self-hosted-installation-and-upgrades/installing-liferay/configuring-a-database
and the cves are about xss, xsrf and sql injection attacks.the signatures for that kinds of attack are usually already inlcuded in ASM policies by selecting Server Technologies items.
ensure that you have installed latest asm signaturesand the Server Technologies settings match the components used by your liferay servers.
&nbsp;

&nbsp;

vgf5 · Answer

Hi THE_BLUE​&nbsp;Please use below link to create custom signatures.https://techdocs.f5.com/en-us/bigip-14-1-0/big-ip-asm-attack-and-bot-signatures-14-1-0/writing-custom-attack-signatures.html&nbsp;

the_blue · Answer

i need the signture itself ex: regex or if there is any keyword for the mentioned cve

jonathancert · Answer

How did you determine these CVE is required for your F5 software version?&nbsp; Did you upload a Qkview to confirm security vulnerabilities?

the_blue · Answer

it's not for f5 software , it's related to liferay application and i am securing application running liferay

Forum Discussion

F5 doesn't signatures for cve

5 Replies

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

How can I get started with iCall

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Related Content

November Security Research Update: Newly Released Attack Signatures

NGINX App Protect v5 Signature Notifications

Custom Attack Signatures

Support of WAF Signature Staging in F5 Distributed Cloud (XC)

Disabling signature for a URL

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS