WAF rule set update for 2018-09-05

The following information describes the updates and changes to the rule set.

ID

3vnl3cwPda9Q3WYCDRuGW

Version

v10

Date

2018-09-05

Type of Change

Introduced new OWASP rule 932190, which mitigates RCE (OS File Access Attempt) on low paranoia level WAF
Introduced new OWASP rule 941110, which mitigates XSS using script tag vector
Introduced new OWASP rule 944100, which mitigates RCE via Java deserialization vulnerabilities (CVE-2017-9805, CVE-2017-10271)
Introduced new OWASP rule 944110, which mitigates RCE via Java process spawn vulnerability (CVE-2017-9805)
Introduced new OWASP rule 944120, which mitigates RCE via Java serialization (CVE-2015-5842)
Introduced new OWASP rule 944240, which mitigates RCE via Java serialization (CVE-2015-5842)
Introduced new OWASP rule 944130, which detects suspicious Java classes
Introduced new OWASP rule 944250, which detects RCE via Java method
Introduced new OWASP rule 944200, which detects magic bytes being used that signal Java serialization
Introduced new OWASP rule 944210, which detects magic bytes being Base64 encoded that signal Java serialization
Introduced new OWASP rule 944220, which detects vulnerable Java class in use
Introduced new OWASP rule 944300, which detects Base64 encoded string that matched suspicious keyword
Introduced new Fastly internal rule 4134010, which mitigates CVE-2018-11776 Apache Struts v2 vulnerability
Introduced new Fastly internal rule 4113010, which detects suspicious X-Rewrite-URL header
Introduced new Fastly internal rule 4113020, which detects suspicious X-Original-URL header
Introduced new Fastly internal rule 4113030, which detects ESI directives in request
Introduced new Fastly internal rule 4113050, which detects ESI directives in body
Removed Trustwave rule 2200000, IP blocklist
Removed Trustwave rule 2200002, TOR Exit Nodes blocklist

Affected Rule Sets

OWASP
Fastly Rules
Trustwave

For more information, see our guide on Fastly WAF rule set updates and maintenance. Back to Top