Showing results for 
Search instead for 
Did you mean: 

Virtual Web Application Firewall Signature (Baseline Version 201805080540)


A new policy (baseline version 201805080540) for the Virtual Web Application Firewall is now available. Change log:


  • Added: Java Remote Code Execution using remote classloading


This is a new rule added in this baseline update: there are a number of ways in which attackers can execute malicious code using Java commands including java.lang.ProcessBuilder or, resulting in remote code execution.


You can configure your Pulse vWAF to download and update this baseline update automatically, or else there is a zip archive attached to this message which contains this policy. The archive needs to be extracted before it can be uploaded to the WAF (either via web UI or REST API).


For more information:
For more information, please refer to the release notes, available on the download portal. A complete set of user documentation is also available on


Version history
Revision #:
3 of 3
Last update:
‎07-05-2018 01:13:AM
Updated by:
Labels (2)