Forum Discussion
F5 Rules for AWS WAF - CVE-2021-22118 & CVE-2016-1000027
- Sep 19, 2023
Hi chanzk ,
Unlike the full blown WAF security solutions, F5 rules on AWS WAF are limited in total capacity, limiting the types of CVEs we can offer protection against. Normally, F5 rules include protection against CVEs that are common among customers. CVE-2016-1000027 may affect only few, therefore it wasn't included yet. We will add it in our next updates.
CVE-2021-22118 is a local vulnerability, not a network vulnerability. So less relevant for a WAF.
Thanks.
Hi Joel_Cohen
I would like to know if the current F5 rules for AWS WAF cover for the following vulnerabilities?
CVE-2022-22968, CVE-2022-22976, CVE-2022-22970, CVE-2022-22950, CVE-2023-20861 and CVE-2023-20863
If not, will they include at the future release?
Thanks
Ambrose
Hi ambrosetse ,
These CVEs are not covered in the rule sets. We don't have these in our plans either.
Thansk
Joel
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com