Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

SpringFramework 0-day

Dave_Pisarek
Cirrus
Cirrus

‎31-Mar-2022 07:58

Do we know if ASM is able to protect against this SpringFramework 0-day cve?

 

https://thehackernews.com/2022/03/unpatched-java-spring-framework-0-day.html

 

 

Labels:
3 REPLIES 3

F5LUX
Nimbostratus
Nimbostratus

‎31-Mar-2022 09:48

more infos coming soon:
https://support.f5.com/csp/article/K11510688

buulam
Community Manager
Community Manager

‎31-Mar-2022 14:17

WAF signatures have now been released: https://support.f5.com/csp/article/K24912123

~~~~~~~~~~~~~~~~~~
@buulam / YouTube.com/DevCentral
0 Kudos

Ismael_Goncalves
F5 Employee
F5 Employee

‎31-Mar-2022 16:05

I put together a Python script that enforces (remove from staging) the signatures ID explicited listed in the article K24912123. I hope it helps:
https://github.com/irgoncalves/f5-waf-enforce-sig-Spring4Shell

Related Content
Copyright © 2023 Khoros, LLC