logo
DATABASE RESOURCES PRICING ABOUT US

BIG-IP Advanced WAF and BIG-IP ASM vulnerability CVE-2021-23031

Description

An authenticated user may perform a privilege escalation on the BIG-IP Advanced WAF and ASM Configuration utility. ([CVE-2021-23031](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23031>)) Impact When this vulnerability is exploited, an authenticated attacker with access to the Configuration utility can execute arbitrary system commands, create or delete files, and/or disable services. This vulnerability may result in complete system compromise.


Affected Software


CPE Name Name Version
big-iq centralized management 8.1.0
big-ip afm 16.1.0
big-ip analytics 16.1.0
big-ip apm 16.1.0
big-ip asm 16.1.0
big-ip dns 16.1.0
big-ip fps 16.1.0
big-ip gtm 16.1.0
big-ip link controller 16.1.0
big-ip ltm 16.1.0
big-ip pem 16.1.0
big-ip aam 16.1.0
f5os 1.1.3
nginx app protect 3.5.0
traffix sdc 5.2.0
f5 ssl orchestrator 16.1.0
f5 ddos hybrid defender 16.1.0

Related