Forum Discussion

Nimbostratus

Feb 20, 2015

relation between CVE numbers and F5 ASM attack signatures

I was wondering if there is a way to check if certain CVEs are covered by an ASM attack signature? For example for shellshock when you click on the attack signature in the F5 ASM you can see the...

Nimbostratus

Nov 27, 2016

I Agree with the point, i too was looking for the same function. It is very difficult to identify which signature to enable to mitigate specific vulnerability with CVE code. There is no way to conform if the CVE that we are trying to mitigate has a valid signature in ASM or not, and also if it has whether we have used it or not.

Relating between CVE and ASM signature is a very much required function and F5 should take the inactivate to involve this feature at the earliest.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

relation between CVE numbers and F5 ASM attack signatures

Security Best Practices for F5 Products

F5 AppWorld 2026 Registration - early bird pricing.

Kostas Injeyan - October 2025 Featured Member

Recent Discussions

IRule to block different combinations host/uri

df -h /shared file missing

SSO login for APM Profiles

Need Advice on below issue

Virtual Server Configuration requirements for ISO 8583 traffic (Single persistent TCP session)

Related Content

Service Extensions with SSL Orchestrator User Coaching of AI Related Content

NGINX App Protect v5 Signature Notifications

Custom Attack Signatures

Disabling signature for a URL

Support of WAF Signature Staging in F5 Distributed Cloud (XC)

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS