logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2021-23027

Description

On version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3.1, and 14.1.x before 14.1.4.3, a DOM based cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.


Affected Software


CPE Name Name Version
f5:big-ip_access_policy_manager f5 big-ip access policy manager 14.1.4
f5:big-ip_access_policy_manager f5 big-ip access policy manager 15.1.3
f5:big-ip_access_policy_manager f5 big-ip access policy manager 16.0.1.1
f5:big-ip_advanced_firewall_manager f5 big-ip advanced firewall manager 14.1.4
f5:big-ip_advanced_firewall_manager f5 big-ip advanced firewall manager 15.1.3
f5:big-ip_advanced_firewall_manager f5 big-ip advanced firewall manager 16.0.1.1
f5:big-ip_advanced_web_application_firewall f5 big-ip advanced web application firewall 14.1.4
f5:big-ip_advanced_web_application_firewall f5 big-ip advanced web application firewall 15.1.3
f5:big-ip_advanced_web_application_firewall f5 big-ip advanced web application firewall 16.0.1.1
f5:big-ip_analytics f5 big-ip analytics 14.1.4
f5:big-ip_analytics f5 big-ip analytics 15.1.3
f5:big-ip_analytics f5 big-ip analytics 16.0.1.1
f5:big-ip_application_acceleration_manager f5 big-ip application acceleration manager 14.1.4
f5:big-ip_application_acceleration_manager f5 big-ip application acceleration manager 15.1.3
f5:big-ip_application_acceleration_manager f5 big-ip application acceleration manager 16.0.1.1
f5:big-ip_application_security_manager f5 big-ip application security manager 14.1.4
f5:big-ip_application_security_manager f5 big-ip application security manager 15.1.3
f5:big-ip_application_security_manager f5 big-ip application security manager 16.0.1.1
f5:big-ip_ddos_hybrid_defender f5 big-ip ddos hybrid defender 14.1.4
f5:big-ip_ddos_hybrid_defender f5 big-ip ddos hybrid defender 15.1.3
f5:big-ip_ddos_hybrid_defender f5 big-ip ddos hybrid defender 16.0.1.1
f5:big-ip_domain_name_system f5 big-ip domain name system 14.1.4
f5:big-ip_domain_name_system f5 big-ip domain name system 15.1.3
f5:big-ip_domain_name_system f5 big-ip domain name system 16.0.1.1
f5:big-ip_fraud_protection_service f5 big-ip fraud protection service 14.1.4
f5:big-ip_fraud_protection_service f5 big-ip fraud protection service 15.1.3
f5:big-ip_fraud_protection_service f5 big-ip fraud protection service 16.0.1.1
f5:big-ip_global_traffic_manager f5 big-ip global traffic manager 14.1.4
f5:big-ip_global_traffic_manager f5 big-ip global traffic manager 15.1.3
f5:big-ip_global_traffic_manager f5 big-ip global traffic manager 16.0.1.1
f5:big-ip_link_controller f5 big-ip link controller 14.1.4
f5:big-ip_link_controller f5 big-ip link controller 15.1.3
f5:big-ip_link_controller f5 big-ip link controller 16.0.1.1
f5:big-ip_local_traffic_manager f5 big-ip local traffic manager 14.1.4
f5:big-ip_local_traffic_manager f5 big-ip local traffic manager 15.1.3
f5:big-ip_local_traffic_manager f5 big-ip local traffic manager 16.0.1.1
f5:big-ip_policy_enforcement_manager f5 big-ip policy enforcement manager 14.1.4
f5:big-ip_policy_enforcement_manager f5 big-ip policy enforcement manager 15.1.3
f5:big-ip_policy_enforcement_manager f5 big-ip policy enforcement manager 16.0.1.1
f5:big-ip_ssl_orchestrator f5 big-ip ssl orchestrator 14.1.4
f5:big-ip_ssl_orchestrator f5 big-ip ssl orchestrator 15.1.3
f5:big-ip_ssl_orchestrator f5 big-ip ssl orchestrator 16.0.1.1

Related