Forum Discussion
chanzk
Altostratus
AltostratusF5 Rules for AWS WAF - CVE-2021-22118 & CVE-2016-1000027
Hello, We're checking in the AWS marketplace for the F5 Rules for AWS WAF - Common Vulnerabilities and Exposures (CVE) Rules and want to check if the following CVEs are covered by this rule set? C...
Hi chanzk ,
Unlike the full blown WAF security solutions, F5 rules on AWS WAF are limited in total capacity, limiting the types of CVEs we can offer protection against. Normally, F5 rules include protection against CVEs that are common among customers. CVE-2016-1000027 may affect only few, therefore it wasn't included yet. We will add it in our next updates.
CVE-2021-22118 is a local vulnerability, not a network vulnerability. So less relevant for a WAF.
Thanks.
ambrosetseAltostratus
AltostratusHi Joel_Cohen
I would like to know if the rule set is updated or not?
Joel_CohenEmployee
Hi ambrosetse
Yes it was updated. sorry it took me longer to answer than expected.
- ambrosetse
Hi Joel_Cohen
I would like to know if the current F5 rules for AWS WAF cover for the following vulnerabilities?
CVE-2022-22968, CVE-2022-22976, CVE-2022-22970, CVE-2022-22950, CVE-2023-20861 and CVE-2023-20863
If not, will they include at the future release?Thanks
Ambrose
- Joel_Cohen
Hi ambrosetse ,
These CVEs are not covered in the rule sets. We don't have these in our plans either.
Thansk
Joel
- ambrosetse
Hi Joel_Cohen
I would like to know if the following rule in "F5 Rules for AWS WAF - Common Vulnerabilities and Exposures (CVE) Rules" protect on the CVE-2016-100027?
If not, which rule will protect on the CVE?
Also, I find that the action is "Use action defined in the rule", I would like to know the default action of the rule is BLOCK or COUNT?
Pradeep_KandiHi ambrosetse
Yes, the rule you pasted will mitigate the CVE that was mentioned, and the deployed rules' course of action would be to BLOCK. Hope this helps.