Mitigate Apache strut2 vulnerability, cve-2017-5638

Problem this snippet solves: F5 has updated the official KB article K43451236 on AskF5 to include an enhanced version of the iRule below that will protect your vulnerable web servers behind the BIG-...

Published Mar 07, 2017

Version 1.0

application delivery

John_Alam_45640

Historic F5 Account

Joined June 12, 2006

John_Alam_45640

Historic F5 Account

Joined June 12, 2006

Icon for Altocumulus rank

Altocumulus

Mar 09, 2017

For what it might be worth. We mocked an attack with this exploit by using the PoC found on the net. When we targeted a known server that was vulnerable before we patched it, we found that our current Attack Signature database (We're on version 11.x) was already protecting against CVE-2017-5638

These are the Attack Signatures that detected the attempted exploit Code Injection Java (Accessing attributes) Java Code Injection (java packages) (Header) "/bin" execution attempt (Headers)

hth