For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

JasonTheF5Guy's avatar
JasonTheF5Guy
Icon for Nimbostratus rankNimbostratus
Jan 31, 2024

How do I figure out if F5 has an attack signature or threat campaign for a given vulnerability?

Given the recent Ivanti vulnerabilities I'm wondering if F5 has released any pertinent attack signatures and/or threat campaigns to help me defend against these vulnerabilities. However I'm not findi...
security
Mohamed_Ahmed_Kansoh's avatar
Mohamed_Ahmed_Kansoh
Icon for MVP rankMVP
Jan 31, 2024

Hi JasonTheF5Guy

I see the mentioned CVEs are related to ivanti :

So if you have any solution related to ivanti ( x pulse secure ) you can check and apply the needed workarounds. 

F5 announces each quarter all found CVEs and sometimes doesn't wait for each quarter in case of urgent or critical CVEs, thus I don't see any relatively to F5.

Thanks

  • JasonTheF5Guy's avatar
    JasonTheF5Guy
    Icon for Nimbostratus rankNimbostratus
    Jan 31, 2024

    Yes, these are Ivanti related CVE's.

    It's possible to protect an Ivanti solution by putting it behind an LTM/ASM and configuring a security policy within ASM. If somebody had done that then I'm wondering if F5 has a web site where I can quickly search for a given CVE (or some other vulnerability) and see if there is either a pre-packaged attack signature or threat campaign formulated to protect against that given vulnerability.