https://github.com/irgoncalves/f5-waf-enforce-sig-spring4shell
This enforces F5 WAF signatures for Spring4Shell and Spring Cloud vulnerabilities across all policies on a BIG-IP ASM device
cve-2022-22965 f5-asm f5-awaf spring4shell
- Host: GitHub
- URL: https://github.com/irgoncalves/f5-waf-enforce-sig-spring4shell
- Owner: irgoncalves
- Created: 2022-03-31T22:39:58.000Z (over 3 years ago)
- Default Branch: main
- Last Pushed: 2022-03-31T22:59:14.000Z (over 3 years ago)
- Last Synced: 2025-04-05T23:25:38.335Z (6 months ago)
- Topics: cve-2022-22965, f5-asm, f5-awaf, spring4shell
- Language: Python
- Homepage:
- Size: 8.79 KB
- Stars: 8
- Watchers: 1
- Forks: 5
- Open Issues: 0
Metadata Files:
- Readme: README.md
README
# f5-waf-enforce-sig-Spring4Shell
This enforces the attack signatures for the Spring Framework (Spring4Shell) and Spring Cloud vulnerabilities CVE-2022-22965, CVE-2022-22950, and CVE-2022-22963 across all policies on a BIG-IP ASM device.
# Overview
This script enforces all signatures present in the list below related to the Spring4Shell and Spring Cloud vulnerabilities across all policies in blocking mode in the Adv. WAF/ASM.
The list of attack signatures related to the vulnerabilities above might change; for the current list, check the following article:
https://support.f5.com/csp/article/K24912123

This was tested on BIG-IP ASM/Adv. WAF v15.x, but I expect this to work in v13/v14/v16 as well.
## Prerequisites
Python 3.7+
The host machine needs to have a connection to the BIG-IP management interface.
# How to Use
```
usage: f5-waf-enforce-sig-Spring4Shell device

positional arguments:
  device      A file containing list of BIG-IP devices separated by line, e.g. devices.txt