Forum Discussion
F5 Rules for AWS WAF - CVE-2021-22118 & CVE-2016-1000027
- Sep 19, 2023
Hi chanzk ,
Unlike the full blown WAF security solutions, F5 rules on AWS WAF are limited in total capacity, limiting the types of CVEs we can offer protection against. Normally, F5 rules include protection against CVEs that are common among customers. CVE-2016-1000027 may affect only few, therefore it wasn't included yet. We will add it in our next updates.
CVE-2021-22118 is a local vulnerability, not a network vulnerability. So less relevant for a WAF.
Thanks.
Hi chanzk ,
Unlike the full blown WAF security solutions, F5 rules on AWS WAF are limited in total capacity, limiting the types of CVEs we can offer protection against. Normally, F5 rules include protection against CVEs that are common among customers. CVE-2016-1000027 may affect only few, therefore it wasn't included yet. We will add it in our next updates.
CVE-2021-22118 is a local vulnerability, not a network vulnerability. So less relevant for a WAF.
Thanks.
Hi Joel_Cohen ,
Thanks very much of the information. That is useful. May I know the schedule of next updates that invlude CVE-2016-1000027?
Regards,
- chanzkSep 21, 2023Altostratus
Hi Joel_Cohen ,
It would be helpful if I could know the schedule of next updates that include CVE-2016-1000027. Thanks.
Regards,
- Joel_CohenSep 21, 2023Employee
Hi chanzk ,
Apologies for the delayed response- we plan to update it by the first week of October.
Thanks,
- ambrosetseSep 26, 2023Altostratus
Hi Joel_Cohen ,
Can I ask for the update with CVE-2016-1000027. follow by this thread at October?
Thanks
- Joel_CohenSep 26, 2023Employee
Sure. I'll set myself a reminder to update this thread 🙂
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com