F5 Rules for AWS WAF - List of CVE

pracaburo · ‎31-Mar-2023

I have checked the AWS WAF F5 rule - Common Vulnerabilities and Exposures (CVE) rule on the AWS marketplace, but is there a WAF rule that corresponds to the following CVE?

- CVE-2022-24963(https://nvd.nist.gov/vuln/detail/CVE-2022-24963#match-8865215)

- CVE-2022-25147(https://nvd.nist.gov/vuln/detail/CVE-2022-25147)

Joel_Cohen · ‎03-Apr-2023

Thes two CVEs correspon to Integer Overflows, which are attacks that can not really be mitigated with AWS rules.

A common methon in application security for mitigating such attacks are size limits on paramters, for example.

That said, the F5 Rules for AWS WAF - CVE group does not have rules for the CVEs in question.

Thanks

DevCentral

F5 Rules for AWS WAF - List of CVE

Khoros Kudos Award 2022