Attention all Azure global WAF customers: We have deployed a new managed rule to address the security vulnerability CVE-2023-50164. This security vulnerability could potentially impact your application.
The fix has been rolled out for the ruleset version listed below. If you believe that your application is vulnerable to this exploit we recommend changing the state of this rule from disabled to enabled.
Default Ruleset (DRS): 2.1, 2.0
- ID: 99001017
- Rule Group: MS-ThreatIntel-CVEs
- State: Disabled
- Action: Anomaly Score
Default Ruleset (DRS): 1.2, 1.1, 1.0
- ID: 99001017
- Rule Group: MS-ThreatIntel-CVEs
- State: Disabled
- Action: Block
Thank you for choosing Azure for your web security needs.
