End of march 2022, that we found publish about vulnerabilities,

  • Spring Framework RCE (Spring4Shell): CVE-2022-22965
  • Spring Framework DoS: CVE-2022-22950
  • Spring Cloud RCE: CVE-2022-22963

05/04/2022 F5 update that F5 products not have this vulnerability.

Reference Article Links: https://support.f5.com/csp/article/K11510688

F5 mitigations using this vulnerability with BIG-IP ASM/Advanced WAF to protect back-end systems

K24912123: Mitigate the Spring Framework (Spring4Shell) and Spring Cloud vulnerabilities with the BIG-IP system

K54094280: Mitigate the Spring Framework (Spring4Shell) and Spring Cloud vulnerabilities with NGINX Application Security products

 616 total views,  2 views today

Related Posts

  • I would like to provide how to add or reactivate license on F5 with manual method with 9 steps, this action will require system service restart Step1: Go to GUI > System > License and click "Activate" button Step2: Fill in your license in textbox "Base Registration Key" and select…
    Tags: networks

Categories:

No responses yet

Leave a Reply

Your email address will not be published.