A Denial of Service security vulnerability has been reported against the ModSecurity engine v3 release line. The ModSecurity Web Application Firewall (WAF) engine is maintained by Trustwave. Trustwave is disputing the CVE and the full details are outlined in the additional information below.
Is LoadMaster vulnerable?
LoadMaster is not vulnerable as it runs the ModSecurity v2.9 release line.
Is Kemp 360 Central vulnerable?
Kemp 360 Central is not impacted as it does not run the ModSecurity engine.
Is Kemp 360 Vision vulnerable?
Kemp 360 Vision is not impacted as it does not run the ModSecurity engine.
For additional information about the discovered vulnerability:
These pages also include the latest links to the security pages for the platform providers.
Kemp is committed to resolving security vulnerabilities carefully and quickly. If you think you have found a security flaw in a Kemp product, please send all supporting information to firstname.lastname@example.org