Changelog · WAF

2023-11-21

Tuesday, Nov 21, 2023

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Specials	...8ed2b1d9	100611	WordPress:Plugin:WooCommerce - Unauthorized Administrator Access - CVE:CVE-2023-28121	N/A	Block	N/A
Cloudflare Specials	...c3b6a372	100593	Adobe ColdFusion - Auth Bypass, Remote Code Execution - CVE:CVE-2023-29298, CVE:CVE-2023-38203, CVE:CVE-2023-26360	N/A	Block	N/A

Monday, Nov 6, 2023

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Specials	...c54e7046	100614	Atlassian Confluence - Code Injection - CVE:CVE-2023-22518	N/A	Block	N/A

Monday, Oct 30, 2023

Announcement Date	Release Date	Release Behavior	Legacy Rule ID	Rule ID	Description	Comments
N/A	N/A	N/A	N/A	N/A	N/A	No updates scheduled

Monday, Oct 30, 2023

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Specials	...d59a59db	100609	Keycloak - SSRF - CVE:CVE-2020-10770	N/A	Block	N/A

Monday, Oct 23, 2023

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Specials	...3e3f706d	100606	JetBrains TeamCity - Auth Bypass, Remote Code Execution - CVE:CVE-2023-42793	N/A	Block	N/A
Cloudflare Specials	...469c4a38	100607	Progress WS_FTP - Information Disclosure - CVE:CVE-2023-40044	N/A	Block	N/A
Cloudflare Specials	...7ccccdce	100608	Progress WS_FTP - Remote Code Execution - CVE:CVE-2023-40044	N/A	Block	N/A

Wednesday, Oct 11, 2023

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Specials	...ec9f34e1	100604	Atlassian Confluence - Privilege Escalation - CVE:CVE-2023-22515	N/A	Block	This rule is released for our Cloudflare Free customers as well, rule ID: ...91935fcb (Detection logic update)

Tuesday, Oct 3, 2023

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Specials	...ec9f34e1	100604,100605	Atlassian Confluence - Privilege Escalation - CVE:CVE-2023-22515	N/A	Block	This rule is released for our Cloudflare Free customers as well, rule ID: ...91935fcb

Monday, Oct 2, 2023

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Specials	...34780914	100532	Vulnerability scanner activity	N/A	Block	This rule was released as 100532_BETA in legacy waf and ...6e298ed7 in new WAF

Friday, Sep 22, 2023

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Specials	...066c0c9a	100602	Code Injection - CVE:CVE-2023-36845	N/A	Block	N/A
Cloudflare Specials	...0746d000	100603	Information Disclosure - CVE:CVE-2023-28432	N/A	Block	N/A

Monday, Sep 18, 2023

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Specials	...25ba9d7c	N/A	SSRF Cloud	N/A	Disabled	N/A

Monday, Sep 4, 2023

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Specials	...c5f041ac	100597	Information Disclosure - Path Normalization	Log	Block	N/A
Cloudflare Specials	...50cec478	100598	Remote Code Execution - Common Bash Bypass	Log	Block	N/A
Cloudflare Specials	...ec5b0d04	100599	Ivanti - Auth Bypass - CVE:CVE-2023-38035	Log	Block	N/A
Cloudflare Specials	...6912c055	100601	Malware - Polymorphic Encoder	Log	Block	N/A
Cloudflare Specials	...8242627b	100146B	SSRF Local BETA	Log	Disabled	N/A

Monday, Aug 21, 2023

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Specials	...84dadf5a	100595	MobileIron - Auth Bypass - CVE:CVE-2023-35082	Log	Block	N/A
Cloudflare Specials	...48a60154	N/A	SQLi - Keyword + SubExpress + Comment + BETA	N/A	Disabled	N/A

Thursday, Aug 17, 2023

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Specials	...cac42ce2	100596	Citrix Content Collaboration ShareFile - Remote Code Execution - CVE:CVE-2023-24489	N/A	Block	N/A