Changelog · WAF

Scheduled changes

Monday, Mar 4, 2024

Announcement Date	Release Date	Release Behavior	Legacy Rule ID	Rule ID	Description	Comments
2024-03-04	2024-03-11	Block	100627	...dc6877e2	Wordpress:Plugin:Bricks Builder Theme - Command Injection - CVE:CVE-2024-25600	N/A
2024-03-04	2024-03-11	Block	100628	...ae685218	ConnectWise - Auth Bypass	N/A

2024-03-04

Monday, Mar 4, 2024

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Specials	...aa290ad9	100135D	XSS - JS On Events	N/A	Block	This detection was released as ...9c1c14e6 (BETA) in new WAF

2024-02-26

Monday, Feb 26, 2024

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Specials	...1d870399	100546	XSS - HTML Encoding	N/A	Block	This detection was released as ...07c62aeb (BETA) in new WAF

2024-02-20

Tuesday, Feb 20, 2024

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Specials	...9a5581d0	100622B, 100622C	Ivanti - Command Injection - CVE:CVE-2023-46805, CVE:CVE-2024-21887, CVE:CVE-2024-22024	N/A	Block	N/A
Cloudflare Specials	...d0b325aa	N/A	Microsoft ASP.NET - Code Injection - Function response.write	N/A	Block	This detection was released as ...50c86f85 (BETA) in new WAF
Cloudflare Specials	...1b138b3e	N/A	NoSQL, MongoDB - SQLi - Comparison	N/A	Block	This detection was released as ...4ba436bb (BETA) in new WAF
Cloudflare Specials	...8f66903c	N/A	NoSQL, MongoDB - SQLi - Expression	N/A	Block	This detection was released as ...f67956b2 (BETA) in new WAF
Cloudflare Specials	...2d2e031c	N/A	PHP - Code Injection	N/A	Disabled	This detection was released as ...2a1f3a04 (BETA) in new WAF
Cloudflare Specials	...824b817c	N/A	PHP, vBulletin, jQuery File Upload - Code Injection, Dangerous File Upload - CVE:CVE-2018-9206, CVE:CVE-2019-17132	N/A	Block	This detection was released as ...dcd12482 (BETA) in new WAF

2024-02-12

Monday, Feb 12, 2024

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Specials	...901523c0	100625	Jenkins - Information Disclosure - CVE:CVE-2024-23897	N/A	Block	N/A
Cloudflare Specials	...d5e015dd	100514	Log4j Headers	N/A	Block	N/A
Cloudflare Specials	...dc29b753	100515B	Log4j Body Obfuscation	N/A	Block	N/A

2024-02-05

Monday, Feb 5, 2024

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Specials	...52d6027b	100624	GoAnywhere - Auth Bypass - CVE:CVE-2024-0204	N/A	Block	N/A
Cloudflare Specials	...f89ab164	100626,100626A	Anomaly:Header:Content-Type - Multiple	N/A	Disabled	New Detection
Cloudflare Specials	...7736c63c	N/A	AngularJS - XSS	N/A	Block	This detection was released as ...014fc5b9 (BETA) in new WAF
Cloudflare Specials	...a02344cb	N/A	Apache HTTP Server - Server-Side Includes	N/A	Disabled	This detection was released as ...10cae4a8 (BETA) in new WAF
Cloudflare Specials	...af52d528	N/A	Command Injection - CVE:CVE-2014-6271	N/A	Block	This detection was released as ...d2a0991c (BETA) in new WAF
Cloudflare Specials	...b090ba9a	N/A	Command Injection - Nslookup	N/A	Block	This detection was released as ...da3d944c (BETA) in new WAF
Cloudflare Specials	...d5a14a5e	N/A	Microsoft ASP.NET - Code Injection	N/A	Disabled	This detection was released as ...70f4f073 (BETA) in new WAF

2024-01-22 - Emergency

Monday, Jan 22, 2024

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Specials	...da07a922	100623	Atlassian Confluence - Template Injection - CVE:CVE-2023-22527	N/A	Block	N/A

2024-01-17 - Emergency

Wednesday, Jan 17, 2024

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Specials	...34ab53c5	100622	Ivanti - Auth Bypass, Command Injection - CVE:CVE-2023-46805, CVE:CVE-2024-21887	N/A	Block	N/A

2024-01-16

Tuesday, Jan 16, 2024

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Specials	...38906cff	100620	Microsoft ASP.NET - Remote Code Execution - CVE:CVE-2023-35813	N/A	Block	N/A
Cloudflare Specials	...84f664a9	100619	Liferay - Remote Code Execution - CVE:CVE-2020-7961	N/A	Block	N/A
Cloudflare Specials	...7d29ec39	100618	pfSense - Remote Code Execution - CVE:CVE-2023-42326	N/A	Block	N/A
Cloudflare Specials	...9016ef33	100621	Clerk - Auth Bypass	N/A	Disabled	N/A

2024-01-04

Thursday, Jan 4, 2024

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Specials	...53c7ccde	100612	SnakeYAML - CVE:CVE-2022-1471	N/A	Block	N/A

2023-12-18

Monday, Dec 18, 2023

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Specials	...1bc977d1	N/A	DotNetNuke - File Inclusion - CVE:CVE-2018-9126, CVE:CVE-2011-1892, CVE:CVE-2022-31474	N/A	Block	This rule was released as ...76abfd64

2023-12-14 - Emergency

Thursday, Dec 14, 2023

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Specials	...bb6d4e13	100615	Apache Struts - Remote Code Execution - CVE:CVE-2023-50164	N/A	Block	N/A

2023-11-21

Tuesday, Nov 21, 2023

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Specials	...8ed2b1d9	100611	WordPress:Plugin:WooCommerce - Unauthorized Administrator Access - CVE:CVE-2023-28121	N/A	Block	N/A
Cloudflare Specials	...c3b6a372	100593	Adobe ColdFusion - Auth Bypass, Remote Code Execution - CVE:CVE-2023-29298, CVE:CVE-2023-38203, CVE:CVE-2023-26360	N/A	Block	N/A

2023-11-06 - Emergency

Monday, Nov 6, 2023

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Specials	...c54e7046	100614	Atlassian Confluence - Code Injection - CVE:CVE-2023-22518	N/A	Block	N/A

2023-10-30

Monday, Oct 30, 2023

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Specials	...d59a59db	100609	Keycloak - SSRF - CVE:CVE-2020-10770	N/A	Block	N/A

2023-10-23

Monday, Oct 23, 2023

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Specials	...3e3f706d	100606	JetBrains TeamCity - Auth Bypass, Remote Code Execution - CVE:CVE-2023-42793	N/A	Block	N/A
Cloudflare Specials	...469c4a38	100607	Progress WS_FTP - Information Disclosure - CVE:CVE-2023-40044	N/A	Block	N/A
Cloudflare Specials	...7ccccdce	100608	Progress WS_FTP - Remote Code Execution - CVE:CVE-2023-40044	N/A	Block	N/A

2023-10-11 - Emergency

Wednesday, Oct 11, 2023

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Specials	...ec9f34e1	100604	Atlassian Confluence - Privilege Escalation - CVE:CVE-2023-22515	N/A	Block	This rule is released for our Cloudflare Free customers as well, rule ID: ...91935fcb (Detection logic update)

2023-10-04 - Emergency

Tuesday, Oct 3, 2023

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Specials	...ec9f34e1	100604,100605	Atlassian Confluence - Privilege Escalation - CVE:CVE-2023-22515	N/A	Block	This rule is released for our Cloudflare Free customers as well, rule ID: ...91935fcb

2023-10-02

Monday, Oct 2, 2023

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Specials	...34780914	100532	Vulnerability scanner activity	N/A	Block	This rule was released as 100532_BETA in legacy waf and ...6e298ed7 in new WAF

2023-09-22 - Emergency

Friday, Sep 22, 2023

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Specials	...066c0c9a	100602	Code Injection - CVE:CVE-2023-36845	N/A	Block	N/A
Cloudflare Specials	...0746d000	100603	Information Disclosure - CVE:CVE-2023-28432	N/A	Block	N/A

2023-09-18

Monday, Sep 18, 2023

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Specials	...25ba9d7c	N/A	SSRF Cloud	N/A	Disabled	N/A

2023-09-04

Monday, Sep 4, 2023

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Specials	...c5f041ac	100597	Information Disclosure - Path Normalization	Log	Block	N/A
Cloudflare Specials	...50cec478	100598	Remote Code Execution - Common Bash Bypass	Log	Block	N/A
Cloudflare Specials	...ec5b0d04	100599	Ivanti - Auth Bypass - CVE:CVE-2023-38035	Log	Block	N/A
Cloudflare Specials	...6912c055	100601	Malware - Polymorphic Encoder	Log	Block	N/A
Cloudflare Specials	...8242627b	100146B	SSRF Local BETA	Log	Disabled	N/A

2023-08-21

Monday, Aug 21, 2023

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Specials	...84dadf5a	100595	MobileIron - Auth Bypass - CVE:CVE-2023-35082	Log	Block	N/A
Cloudflare Specials	...48a60154	N/A	SQLi - Keyword + SubExpress + Comment + BETA	N/A	Disabled	N/A

2023-08-17 - Emergency

Thursday, Aug 17, 2023

Ruleset	Rule ID	Legacy Rule ID	Description	Previous Action	New Action	Comments
Cloudflare Specials	...cac42ce2	100596	Citrix Content Collaboration ShareFile - Remote Code Execution - CVE:CVE-2023-24489	N/A	Block	N/A