End of march 2022, that we found publish about vulnerabilities,

  • Spring Framework RCE (Spring4Shell): CVE-2022-22965
  • Spring Framework DoS: CVE-2022-22950
  • Spring Cloud RCE: CVE-2022-22963

05/04/2022 F5 update that F5 products not have this vulnerability.

Reference Article Links: https://support.f5.com/csp/article/K11510688

F5 mitigations using this vulnerability with BIG-IP ASM/Advanced WAF to protect back-end systems

K24912123: Mitigate the Spring Framework (Spring4Shell) and Spring Cloud vulnerabilities with the BIG-IP system

K54094280: Mitigate the Spring Framework (Spring4Shell) and Spring Cloud vulnerabilities with NGINX Application Security products

 676 total views,  2 views today

Related Posts

  • I would like to provide how to add or reactivate license on F5 with manual method with 9 steps, this action will require system service restart Step1: Go to GUI > System > License and click "Activate" button Step2: Fill in your license in textbox "Base Registration Key" and select…
    Tags: networks
  • In this topic we try to make information from my experience before upgrade version f5, So i hope this information will help everyone for upgrade version F5, Check about MA on your F5 BIG-IP device before upgrade version, It's very important, In case you found any problem after upgrade version…
    Tags: networks

Categories: