SSLVPN: How to configure SRA Web Application Firewall to protect against GNU BASH Vulnerability (CV
03/26/2020 4 10917
SSLVPN: How to configure SRA Web Application Firewall to protect against GNU BASH Vulnerability (CVE-2014-6271/CVE-2014-7169)
How to configure SMB SRA Appliance to protect against the recently identified GNU Bash Vulnerability?
SonicWall has released WAF signatures (1603 Bash Code Injection & 9011 System Command Injection Variant 1 ) for the SMB SRA which protects the SMB SRA appliance itself, as well as web servers and devices behind the SRA.
To configure the WAF protection, go to the Web Application Firewall > Status' tab and enable Web Application Firewall. If Apply Signature Updates Automatically' is enabled, then Signatures should take effect automatically.
If it is not enabled, then admins have to manually go into Web Application Firewall > Status page and click on Apply'
Check the box for High/Medium Priority Attacks for both Detect and Prevent.
To verify the configuration search for Signatures 9011 and 6013 and ensure they are enabled for both detection and prevention on the Web Application Firewall > Signatures' page
For more advanced WAF Configuration please reference the WAF Admin Guide.