Forum Discussion

Nimbostratus

Dec 19, 2021

Log4j iRule mitigation as described in K59329043 - which encoding is the regex using ?

Hi Community, just for my understanding - can someone please clarify which encoding is being used in the regex with F5 release under K59329043 in order to mitigate log4j CVEs exploits ? I...

MVP

Dec 19, 2021

Hi ,

the regex will search for some possible variants and obfuscations of the well-known string that is used to exploit the log4shell vulnerability.

Paste the full string without the {} here: https://regex101.com/.

You will get an awesome explanation with syntax highlighting.

Daniel

L__G_
Altostratus
Jan 11, 2022
Hello

Another great site for regex visualisation : regexper.com

Copy paste the F5 regex without the {} and (?i).

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Log4j iRule mitigation as described in K59329043 - which encoding is the regex using ?

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

CitrixBleed Mitigation CVE-2023-4966

F5 Distributed Cloud L3-L7 DDoS Mitigation

Cyber Security Attack Mitigations with BIG-IP features

Mitigating OWASP API Security risks using BIG-IP

JA4 Part 2: Detecting and Mitigating Based on Dynamic JA4 Reputation

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS