Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

ASM NO SIGNATURE AVAILABLE FOR CVE-2021-21985

Go to solution
Intothecloud
Altocumulus
Altocumulus

‎23-Sep-2022 03:47

We have the latest signature applied on ASM but while filtering on ASM signtures  I can't find any signature for CVE-2021-21985. How can we make sure that signature for CVE-2021-21985 is published by F5?

Labels:
0 Kudos
1 ACCEPTED SOLUTION

Go to solution
PSilva
Legacy Employee
Legacy Employee
In response to PSilva

‎26-Sep-2022 10:29

OK, I heard straight from F5 SIRT that, 'Yep that signature exists in ASM since 2021/6/11.'

ps

View solution in original post

6 REPLIES 6

Go to solution
Samir
MVP
MVP

‎23-Sep-2022 04:07

F5 Team clearly says no impact from F5 ASM/WAF side

https://support.f5.com/csp/article/K32049501

0 Kudos

Go to solution
PSilva
Legacy Employee
Legacy Employee

‎23-Sep-2022 14:04

Not sure about the ASM Sig package but this is the page from VMware addressing that CVE - with the fixed version. Apologies if you're already aware of this: https://www.vmware.com/security/advisories/VMSA-2021-0010.html

ps
0 Kudos

Go to solution
Intothecloud
Altocumulus
Altocumulus
In response to PSilva

‎23-Sep-2022 14:08 - edited ‎23-Sep-2022 14:09

Yes , I have gone through the KB article , the issue is this VMware servers services are behind the F5 ASM and ASM block policy already applied to this servers but still our SIEM solution captured the exploit attempt matching ID CVE-2021-21985 so customer wanted to know why exploit attempt not blocked by the ASM when i checked the ASM signature i can't find any signature for this particular CVE. 

0 Kudos

Go to solution
PSilva
Legacy Employee
Legacy Employee

‎23-Sep-2022 14:29

Alright, I also found this: https://clouddocs.f5.com/cloud-services/latest/f5-cloud-services-Essential.App.Protect-Details.html

and it looks like it was added in 2021. But, this is for Essential App Protect and getting some clarity on if it was also included in the ASM package at the time. 

PSilva_0-1663967765949.png

 

ps
0 Kudos

Go to solution
PSilva
Legacy Employee
Legacy Employee
In response to PSilva

‎26-Sep-2022 10:29

OK, I heard straight from F5 SIRT that, 'Yep that signature exists in ASM since 2021/6/11.'

ps

Go to solution
Intothecloud
Altocumulus
Altocumulus
In response to PSilva

‎28-Sep-2022 06:05

Thank you @PSilva for taking time to follow up with relevant team, when i filtered using CVE field after applying latest signature it didn't show up anything that's why i created this post to get more information on this, I will check again for the same. 

Copyright © 2023 Khoros, LLC