Forum Discussion

Altostratus

Sep 14, 2023

Solved

F5 Rules for AWS WAF - CVE-2021-22118 & CVE-2016-1000027

Hello, We're checking in the AWS marketplace for the F5 Rules for AWS WAF - Common Vulnerabilities and Exposures (CVE) Rules and want to check if the following CVEs are covered by this rule set? C...

Joel_Cohen
Sep 19, 2023
Hi chanzk ,

Unlike the full blown WAF security solutions, F5 rules on AWS WAF are limited in total capacity, limiting the types of CVEs we can offer protection against. Normally, F5 rules include protection against CVEs that are common among customers. CVE-2016-1000027 may affect only few, therefore it wasn't included yet. We will add it in our next updates.

CVE-2021-22118 is a local vulnerability, not a network vulnerability. So less relevant for a WAF.

Thanks.

whisperer

MVP

The following is good generic info on the F5 WAF:

https://www.f5.com/company/blog/how-does-a-waf-mitigate-vulnerabilities

You would probably be looking at signatures. You can look at these if you have a test or eval instance running of the product:

https://my.f5.com/manage/s/article/K41207833

chanzk

Altostratus

Sep 18, 2023

Hi whisperer ,

Thanks for the reply. As I mentioned, I am using AWS marketplace for the F5 Rules for AWS WAF - Common Vulnerabilities and Exposures (CVE) Rules. Therefore I do not have access to the BIG-IP ASM/AdvWAF Configuration Utility. Does it mean that it is impossible to check what CVEs are included when subscripting F5 rules from AWS marketplace?

Thanks.

Forum Discussion

F5 Rules for AWS WAF - CVE-2021-22118 & CVE-2016-1000027

Recent Discussions

Reliable resources for identifying IP addresses

Maximum throughput of f5 ltm

Issue on license renewal

iRule cookie persistence and pool redirect

redirect not working

Related Content

F5 Distributed Cloud Origin Server Subset Rules

LTM Cipher rule

Logging all AFM Rules

.htaccess to Nginx rules

AFM Protocol Inspection rules for CVE-2022-3602 (aka SpookySSL)