Forum Discussion

mtojo's avatar
mtojo
Icon for Nimbostratus rankNimbostratus
May 02, 2017

ASM mitigation for vulnerability in Apache Struts1(CVE-2016-1181)

Can you please give me information on ASM mitigation for vulnerability in Apache Struts1(CVE-2016-1181)?

 

4 Replies

  • I also want to solve this problem. I have a vulnerability in Apache Struts1(CVE-2016-1181) on my WEB server.

     

    My BIG-IP is running the LTM+ASM.

     

    Can I defend the vulnerability on Web Server with ASM's custom signature?

     

  • I also want to defend this problem using an ASM signature. Yes, I have looked at all the upgrade fixes, but unfortunately we cannot manage to fit a release in as soon as we would like. Hence it would be ideal if we could mitigate the issue using an ASM signature until the fix can be released.

     

    • mtojo's avatar
      mtojo
      Icon for Nimbostratus rankNimbostratus

      I wait for formal ASM signature release.Thank you very much.