Skip to main content
NOW AVAILABLE

General availability: Security Update for Azure Front Door WAF CVE-2023-50164

Published date: December 29, 2023

Attention all Azure global WAF customers: We have deployed a new managed rule to address the security vulnerability CVE-2023-50164. This security vulnerability could potentially impact your application.

The fix has been rolled out for the ruleset version listed below.  If you believe that your application is vulnerable to this exploit we recommend changing the state of this rule from disabled to enabled.

Default Ruleset (DRS): 2.1, 2.0

  • ID: 99001017
  • Rule Group: MS-ThreatIntel-CVEs
  • State: Disabled
  • Action: Anomaly Score

Default Ruleset (DRS): 1.2, 1.1, 1.0

  • ID: 99001017
  • Rule Group: MS-ThreatIntel-CVEs
  • State: Disabled
  • Action: Block

Thank you for choosing Azure for your web security needs.

  • Azure Front Door
  • Web Application Firewall
  • Features
  • Services
  • Security