Forum Discussion

Nimbostratus

Feb 20, 2015

relation between CVE numbers and F5 ASM attack signatures

I was wondering if there is a way to check if certain CVEs are covered by an ASM attack signature? For example for shellshock when you click on the attack signature in the F5 ASM you can see the...

Noctilucent

there is rfe but it has not yet been implemented.

ID430144 - Attack signatures should be searchable by Reference (CVE)

Aaron_Booker

Employee

Jan 31, 2019

As noted in comments below beginning in BIG-IP 13.1.0, you can filter the Attack Signature List in the Configuration utility by the CVE listed in the attack signature references. AskF5 has published a brief how-to:

K45558510: Filtering the Attack Signature List by the referenced CVE

You can leave feedback about the article on the article page itself.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

relation between CVE numbers and F5 ASM attack signatures

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

Support of WAF Signature Staging in F5 Distributed Cloud (XC)

Small question related to proxy_set_header Host

Mitigating JSON-based SQL injection with BIG-IP ASM / Advanced WAF Attack Signatures

CBC ciphers in relation to RFC7366 Encrypt-then-MAC

F5 XC related articles in Technical Articles section of DevCentral

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS