Forum Discussion
6 Replies
F5 Team clearly says no impact from F5 ASM/WAF side
- PSilvaRet. Employee
Not sure about the ASM Sig package but this is the page from VMware addressing that CVE - with the fixed version. Apologies if you're already aware of this: https://www.vmware.com/security/advisories/VMSA-2021-0010.html
- IntothecloudAltocumulus
Yes , I have gone through the KB article , the issue is this VMware servers services are behind the F5 ASM and ASM block policy already applied to this servers but still our SIEM solution captured the exploit attempt matching ID CVE-2021-21985 so customer wanted to know why exploit attempt not blocked by the ASM when i checked the ASM signature i can't find any signature for this particular CVE.
- PSilvaRet. Employee
Alright, I also found this: https://clouddocs.f5.com/cloud-services/latest/f5-cloud-services-Essential.App.Protect-Details.html
and it looks like it was added in 2021. But, this is for Essential App Protect and getting some clarity on if it was also included in the ASM package at the time.
- PSilvaRet. Employee
OK, I heard straight from F5 SIRT that, 'Yep that signature exists in ASM since 2021/6/11.'
- IntothecloudAltocumulus
Thank you PSilva for taking time to follow up with relevant team, when i filtered using CVE field after applying latest signature it didn't show up anything that's why i created this post to get more information on this, I will check again for the same.