Notice - Automated Web Application Firewall (WAF) Rule Updates

First Published: 2019 January 25th

Last Updated: 2019 January 25th

Workarounds: Yes

Impacted Functional Area: Automated Web Application Firewall (WAF) Rule Updates

 

An issue has been identified with the latest Rule file being used by the Automated WAF Rule Updates feature. 

  • If you have Enable Automated Rule Updates and Enable Automated Installs both enabled.
  • If you also have Application Rules and IP Reputation Rules both enabled on a Virtual Service, then this will cause increased CPU utilization and may cause a system restart.

 

Affected Products

The following products are affected by this vulnerability:

  • LoadMasters running LMOS versions which are enabled with Automated WAF Rule Updates

Products Not Affected

The following products are not affected by this vulnerability:

  • LoadMasters not enabled with Automated WAF Rule Updates

 

Workarounds

The Automated WAF Rule files have been updated and the issue will be resolved if they are Manually downloaded and Installed from the Web User Interface on the LoadMaster.

For more details on how to complete the Manual download and Install please refer to section 3.14 in the WUI Configuration Guide.

https://support.kemptechnologies.com/hc/en-us/articles/213906303-Web-User-Interface-WUI

Any questions regarding manually downloading the rules or other WAF related questions should be directed to the Kemp Customer Support team here.

 

Fixed Software

The LoadMaster operating system is not affected.  This issue only relates to configuration within the Automated WAF Rule Updates feature.

NOTE - Any LoadMaster upgrades are recommended to be completed outside normal business hours.

  

Customer Support

Requests for assistance can be submitted to KEMP Customer Support Here

 

Document Revision History

Version

Description

Section

Status

Date

1.0

Initial release

 

Final

Jan 25 2019

 

Legal Disclaimer

THIS DOCUMENT IS PROVIDED ON AN “AS IS” BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. KEMP TECHNOLOGIES RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.

 

A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of KEMP products.

Was this article helpful?

0 out of 0 found this helpful

Comments