Forum Discussion

Altocumulus

Sep 12, 2016

Solved

ASM - Attack Signature for CVE-2016-6662?

Does the latest Attack Signature database have a Signature for CVE-2016-6662. If so, can someone tell me which attack signature relates to this exploit? I've been doing some looking around and haven'...

ASM Advanced WAF

security

mortoj_167568
Sep 14, 2016
Thank you

boneyard

MVP

Sep 12, 2016

that CVE was released today, not expecting an official ASM signature update that quick.

don't have time to fully understand the issue, but it seems to require quite some access on either the actual server running mysql or within mysql itself. in general you wouldn't have such access through a website and if you have then you most likely allow such access and a specific signature against is probably difficult to craft.

sure there is sql injection and such, but for that you already have some signatures and again if you are vulnerable for sql injections this is just one of the things they might be able to do.

Forum Discussion

ASM - Attack Signature for CVE-2016-6662?

Recent Discussions

Rundeck ansible F5 errors

What is the meaning is 52% block in WAF

rewrite Azure AD response for portal access via web portal

AS3 Monitoring multiple ports selectively

Open Redirection Mitigation

Related Content

Mitigating JSON-based SQL injection with BIG-IP ASM / Advanced WAF Attack Signatures

Wildcard Parameter signature attack

Live Update- ASM attack signatures

The HTTP/2 CONTINUATION frame attack

Default Attack Signature Sets