Forum Discussion

Nimbostratus

Feb 20, 2015

relation between CVE numbers and F5 ASM attack signatures

I was wondering if there is a way to check if certain CVEs are covered by an ASM attack signature? For example for shellshock when you click on the attack signature in the F5 ASM you can see the...

Nimbostratus

Nov 27, 2016

I Agree with the point, i too was looking for the same function. It is very difficult to identify which signature to enable to mitigate specific vulnerability with CVE code. There is no way to conform if the CVE that we are trying to mitigate has a valid signature in ASM or not, and also if it has whether we have used it or not.

Relating between CVE and ASM signature is a very much required function and F5 should take the inactivate to involve this feature at the earliest.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

relation between CVE numbers and F5 ASM attack signatures

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

Support of WAF Signature Staging in F5 Distributed Cloud (XC)

Small question related to proxy_set_header Host

Mitigating JSON-based SQL injection with BIG-IP ASM / Advanced WAF Attack Signatures

CBC ciphers in relation to RFC7366 Encrypt-then-MAC

Wildcard Parameter signature attack

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS