Forum Discussion

Cirrus

Dec 12, 2021

Vulnerability | https://support.f5.com/csp/article/K19026212

Hi All, hope you all are doing great. Regarding recent vulnerability (K19026212), it seems F5 module’s are not vulnerable to it but in a way to protect to Backend server we can apply sugg...

application delivery

LTM

Josiah

Employee

Dec 13, 2021

For any security related issue, you should really open a support case and receive official advice from the security team. I post here with an F5 badge, but I am not a member of the SRT team and this should not be considered an official F5 security response.

1) only in front of APACE is fine

2) nothing is life is free, especially security! it takes time and CPU to execute irules and memory to store variables. the amount is likely trivial for most people, but what is trivial or not will differ depending on your needs

3) it scans the contents of the HTTP request for known attack signature patterns and drops the request if a match is found

Forum Discussion

Vulnerability | https://support.f5.com/csp/article/K19026212

Recent Discussions

F5 Rseries HA

Need advise to setup a policy on F5

F5 Rseries R2600 Tenant sizing

Can iRule mask the payload content on event logs of security

Pricing when used with aws waf

Related Content

OWASP Automated Threats - OAT-014 Vulnerability Scanning

Reviewing vulnerability scanner results for an Access Policy Manager (APM) protected Virtual Server

Vulnerability CVE-2023-45648 in ApacheTomcat

Re: Mitigation of OWASP API6: 2019 Mass Assignment vulnerability using F5 Distributed Cloud Platform

Reviewing vulnerability scanner results for an APM protected Virtual Server - part two