F5 Rules for AWS WAF - List of CVE

Question

I have checked the AWS WAF F5 rule - Common Vulnerabilities and Exposures (CVE) rule on the AWS marketplace, but is there a WAF rule that corresponds to the following CVE?- CVE-2022-24963(https://nvd.nist.gov/vuln/detail/CVE-2022-24963#match-8865215)- CVE-2022-25147(https://nvd.nist.gov/vuln/detail/CVE-2022-25147)

joel_cohen · Answer

Thes two CVEs correspon to Integer Overflows, which are attacks that&nbsp;can not really be mitigated with AWS rules.&nbsp;
A common methon in application security for mitigating such attacks are size limits on paramters, for example.
That said, the F5 Rules for AWS WAF - CVE group does not have rules for the CVEs in question.
Thanks

Forum Discussion

F5 Rules for AWS WAF - List of CVE

1 Reply

Recent Discussions

Port Group on F5OS network setting

Advise on setting up IRULE

F5 iRule to replace host to path

google-visualization-issues

google autenticator broken barcode

Related Content

F5 Distributed Cloud Origin Server Subset Rules

F5 Rules for AWS WAF - List of CVE

F5 402 Exam reading list and notes

LTM Cipher rule

Logging all AFM Rules