CME-904

WAF (Web Application Firewall)

Description

HTTP-layer filtering that inspects requests for injection, XSS, path traversal, and other OWASP Top 10 patterns. Can run in blocking mode or in detection-only mode (log but do not block), typically with the OWASP Core Rule Set (CRS) loaded.

CVSS Vector Impacts

Metric                  Transition  Rationale
Attack Complexity (AC)  L → H       Common exploit payloads are detected and blocked at the HTTP layer

CWE Relationships

Verification

Verify the WAF is in enforcement (blocking) mode with rules loaded. A 403 on a known-bad request confirms blocking; if the WAF is in detection-only mode, the same request is only logged and the upstream response (typically 200) is returned.

$ curl -s -o /dev/null -w '%{http_code}' 'http://target/?q=<script>alert(1)</script>'
# Expected: 403
Platform: any