Skip to content

This enforces F5 WAF signatures for Spring4Shell and Spring Cloud vulnerabilities across all policies on a BIG-IP ASM device

Notifications You must be signed in to change notification settings

irgoncalves/f5-waf-enforce-sig-Spring4Shell

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
 
 
 
 

Repository files navigation

f5-waf-enforce-sig-Spring4Shell

This enforces signatures for the vulnerabilities Spring Framework (Spring4Shell) and Spring Cloud vulnerabilities CVE-2022-22965, CVE-2022-22950, and CVE-2022-22963 across all policies on a BIG-IP ASM device.

Overview

This script enforces all signatures present in the list below related to the vulnerabilities Spring4Shell and Spring Cloud across all policies in blocking mode in the Adv. WAF/ASM.

For the current list of attack signatures related to the vulnerabilities above, check the following article as they might change: https://support.f5.com/csp/article/K24912123

This was tested on BIG-IP ASM/Adv.WAF v15.x but I expect this to work in v13/v14/v16 as well.

Prerequisites

Python 3.7+

The host machine needs to have connection to the BIG-IP management interface.

How to Use

usage: f5-waf-enforce-sig-Spring4Shell device

positional arguments:
  device      A file containing list of BIG-IP devices separated by line, e.g. devices.txt

About

This enforces F5 WAF signatures for Spring4Shell and Spring Cloud vulnerabilities across all policies on a BIG-IP ASM device

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages