Edgecast is aware of the latest CVE-2022-22965 (also known as “Spring4Shell”) and CVE-2022-22963. Our review demonstrates the generic Remote Code Execution (RCE) rules (noted below) in our Managed WAF Rules Edgecast Ruleset (ECRS). These provide protection when enabled together.
The above rules should provide sufficient coverage when used with an anomaly threshold of under 10. Please make sure you opt-in to an auto-update for the Edgecast Ruleset (ECRS). Our WAF also provides Custom Rules if you need to create custom filters providing additional coverage to address specific corner cases.
Please contact us if you need additional security assistance reviewing your current security configurations setup. Edgecast provides various managed security services to assist you with your use case. If you are subscribed to Edgecast Managed Cloud Security (MCS) services, our security support team can help you develop custom rules. If you have any questions regarding our managed security services, please reach out to your account manager.
Stay connected and subscribe to our RSS feed.
Call us at
Manage your account or get tools and information.