Forum Discussion

MVP

Jun 04, 2022

iRule to mitigate CVE-2022-26134 (Confluence)

On June 2, 2022, Atlassian published a security advisory for CVE-2022-26134, a critical unauthenticated remote code execution vulnerability in Confluence. There is a patch available from Atlassian or...

application delivery

security

Daniel_Wolf

MVP

Jun 04, 2022

Seems meanwhile a knowledgebase article has been published.

K01204888: Mitigate the Atlassian Confluence vulnerability with the BIG-IP system

In case you have ASM or AWAF and you have enforced the signatures mentioned in K01204888, you are protected. In case you don't have ASM or AWAF my iRule might still help.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

iRule to mitigate CVE-2022-26134 (Confluence)

Recent Discussions

BIG-IP SysLog appearing in ossec.log

MAC address of deleted VS IP address still responsive

Different common name ssl acces 403 forbiddent

TMSH Command to list ASM policies not attached to any virtual servers in all partitions

dynamic signature detection

Related Content

Cyber Security Attack Mitigations with BIG-IP features

CitrixBleed Mitigation CVE-2023-4966

F5 Distributed Cloud L3-L7 DDoS Mitigation

F5 Distributed Cloud - Mitigation for Cross Tenant Origin Exposure (CTOE)

JA4 Part 2: Detecting and Mitigating Based on Dynamic JA4 Reputation

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS