Forum Discussion

Cirrus

Mar 31, 2022

SpringFramework 0-day

Do we know if ASM is able to protect against this SpringFramework 0-day cve? https://thehackernews.com/2022/03/unpatched-java-spring-framework-0-day.html

security

Ismael_Goncalves

Employee

Mar 31, 2022

I put together a Python script that enforces (remove from staging) the signatures ID explicited listed in the article K24912123. I hope it helps:
https://github.com/irgoncalves/f5-waf-enforce-sig-Spring4Shell

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

SpringFramework 0-day

F5 Academy at AppWorld 2026

Aswin MK - November 2025 Featured Member

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

CVE mitigation on F5 XC vs classic F5 WAF

F5 XC 503 upstream_reset_before_response_started{protocol_error}

UCS Encryption Question

BIG-IP VE: 40G Throughput from 4x10G physical NICs

JSON Web Key Set Endpoint

Related Content

CloudBleed: Guess What? There was 0-day protection

PHP 7 Unserialize Mechanism 0-days

Remote Attestation, 0-Days, SEC - July 24th - 30th, 2023 - F5 SIRT - This Week in Security

Every Day is a 0-Day Nowadays

2 Microsoft 0-day, Linux kernel 6.0, Github Arctic Code Vault - This Week in Security - Sept 24-30

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS