WAF - WAF Release - 2025-11-17
Source: cloudflare.com

This week highlights enhancements to detection signatures improving coverage for vulnerabilities in DELMIA Apriso, linked to CVE-2025-6205.

Key Findings

This vulnerability allows unauthenticated attackers to gain privileged access to the application. The latest update provides enhanced detection logic for resilient protection against exploitation attempts.

Impact

DELMIA Apriso (CVE-2025-6205): Exploitation could allow an unauthenticated remote attacker to bypass security checks by sending specially crafted requests to the application's message processor. This enables the creation of arbitrary employee accounts, which can be leveraged to modify system configurations and achieve full system compromise.

| Ruleset | Rule ID | Legacy Rule ID | Description | Previous Action | New Action | Comments |
|---|---|---|---|---|---|---|
| Cloudflare Managed Ruleset | ec1e2aa190e64e7cb468e16dd256f4bc | N/A | DELMIA Apriso - Auth Bypass - CVE:CVE-2025-6205 | Log | Block | This is a new detection. |
| Cloudflare Managed Ruleset | fae6fa37ae9249d58628e54b1a3e521e | N/A | PHP Wrapper Injection - Body | N/A | Disabled | Rule metadata description refined. Detection unchanged. |
| Cloudflare Managed Ruleset | 9c02e585db34440da620eb668f76bd74 | N/A | PHP Wrapper Injection - URI | N/A | Disabled | Rule metadata description refined. Detection unchanged. |