Vulnerability | https://support.f5.com/csp/article/K19026212

Question

Hi All,&nbsp;hope you all are doing great.&nbsp;Regarding recent vulnerability (K19026212), it seems F5 module’s are not vulnerable to it but in a way to protect to Backend server we can apply suggested iRule. So my question is do i need to bind this irule in all LB VIPs (from application perspective) or only those VIPs which are in front of APACHE. 2) will there be any negative impact on vip post binding irule ? 3) what exactly this irule is doing ?&nbsp;regards,RAQS

josiah · Answer

For any security related issue, you should really open a support case and receive official advice from the security team. I post here with an F5 badge, but I am not a member of the SRT team and this should not be considered an official F5 security response.

1) only in front of APACE is fine

2) nothing is life is free, especially security! it takes time and CPU to execute irules and memory to store variables. the amount is likely trivial for most people, but what is trivial or not will differ depending on your needs

3) it scans the contents of the HTTP request for known attack signature patterns and drops the request if a match is found

Forum Discussion

Vulnerability | https://support.f5.com/csp/article/K19026212

Recent Discussions

Client SSL Profile set to Require Client Certificate breaks RDP in APM

TS Declarations for DNS

APM file and registry key date check 8 days old

SSL bridging without SSL proxy forward

Should config via cli rather than gui?

Related Content

Coordinated Vulnerability Disclosure: A Balanced Approach

Windows Critical RCE Vulnerability, Malicious Solana-py, and EDRKillShifter

Enhancing Software Security with Rust: A Solution to Common Vulnerabilities

Cyberattacks On Embassies, Threat Actor Using ChatGPT To Write Malware, and MMS Vulnerabilities

Reviewing vulnerability scanner results for an Access Policy Manager (APM) protected Virtual Server

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS