Hi All - Do we know if F5 ASM has ability to detect and block exploits related to WP vulnerability. The CVE is CVE-2018-12895 - *https://blog.ripstech.com/2018/wordpress-file-delete-to-code-execution/ The folks who discovered it. Claims WP has known about this for 7 months and still hasn’t alerted the public. Contains all technical details 2https://nvd.nist.gov/vuln/detail/CVE-2018-12895 Please let us know what we can do to protect our sites. Thanks so much !

ASM standard directory traversal attack signatures will provide built-in protection from CVE-2018-12895. WordPress v4.9.8 is now out with a fix for this vulnerability.

Forum Discussion

Deepu2017

Altostratus

Jul 03, 2018

Questions about WP vulnerability CVE-2018-12895

Hi All - Do we know if F5 ASM has ability to detect and block exploits related to WP vulnerability.

The CVE is CVE-2018-12895 -

*https://blog.ripstech.com/2018/wordpress-file-delete-to-code-execution/ The folks who discovered it. Claims WP has known about this for 7 months and still hasn’t alerted the public. Contains all technical details 2https://nvd.nist.gov/vuln/detail/CVE-2018-12895

Please let us know what we can do to protect our sites.

Thanks so much !

ASM Advanced WAF

security

1 Reply

samstep
Cirrocumulus
Aug 10, 2018
ASM standard directory traversal attack signatures will provide built-in protection from CVE-2018-12895. WordPress v4.9.8 is now out with a fix for this vulnerability.