Mitigate Apache strut2 vulnerability, cve-2017-5638
Problem this snippet solves: F5 has updated the official KB article K43451236 on AskF5 to include an enhanced version of the iRule below that will protect your vulnerable web servers behind the BIG-...
Published Mar 07, 2017
Version 1.0
Someone just reported that this irule causes a false positive when the Content-Type header includes a boundry string:
Content-Type: multipart/form-data; boundary=-------2c5ad0c0c449
Also note that the F5 ASM (WAF) has built-in signatures that mitigates this.