This enforces signatures for CVE-2021-44228 for policy on a BIG-IP ASM device
This script enforces all signatures present in the list below related to CVE-2021-44228 across specific policy in the Adv. WAF/ASM. Based on irgoncalves/f5-waf-enforce-sig-CVE-2021-44228
If signatures ID update, please modify directly in script.
sigs = ['200104768', '200104769', '200004450', '200004451','200004474','200104770','200104771', '200104777' ]
Signature 200104777 is only available after installing ASM-AttackSignatures_20220104_103011.im
https://support.f5.com/csp/article/K19026212
This was tested on BIG-IP ASM/Adv.WAF v15.x but I expect this to work in v13/v14/v16 as well.
Python 3.7+
The host machine needs to have connection to the BIG-IP management interface.
usage: f5-waf-enforce-sig-CVE-2021-44228 device policy
positional arguments:
device Device hostname
policy Target policy name