Forum Discussion

amalix

Nimbostratus

Aug 04, 2022

Grails Framework Remote Code Execution Vulnerability - CVE-2022-35912

Hi Everyone, Did anyone mitigate this vulnerability using ASM ? Regards

security

AaronJB

SIRT

Aug 25, 2022

There is an ASM signature for this - 200104796 - that signature is not specific to CVE-2022-35912 but rather is a generic mitigation for that class of attack, and existed prior to the disclosure of CVE-2022-35912.

As long as you have signatures newer than 2022/04/10 then you'll already have the latest version of that signature, and just need to ensure it is enabled in your policies.

Hope that helps!

Aaron

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Grails Framework Remote Code Execution Vulnerability - CVE-2022-35912

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

Coordinated Vulnerability Disclosure: A Balanced Approach

Windows Critical RCE Vulnerability, Malicious Solana-py, and EDRKillShifter

Enhancing Software Security with Rust: A Solution to Common Vulnerabilities

Minecraft Malware, Secure AI Framework - June 4 - June 9th F5 SIRT This Week in Security

Cyberattacks On Embassies, Threat Actor Using ChatGPT To Write Malware, and MMS Vulnerabilities

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS