DATABASE RESOURCES PRICING ABOUT US

{"id": "F5:K50974556", "vendorId": null, "type": "f5", "bulletinFamily": "software", "title": "Overview of F5 vulnerabilities (August 2021)", "description": "On August 24, 2021, F5 announced the following security issues. This document is intended to serve as an overview of these vulnerabilities and security exposures to help determine the impact to your F5 devices. You can find the details of each issue in the associated security advisory.\n\nHigh CVEs\n\n * [K55543151: BIG-IP TMUI vulnerability CVE-2021-23025](<https://support.f5.com/csp/article/K55543151>)\n\nCVSS score: 7.2 (High)\n\nAn authenticated remote command execution vulnerability exists in the BIG-IP Configuration utility.\n\n * [K53854428: iControl SOAP vulnerability CVE-2021-23026](<https://support.f5.com/csp/article/K53854428>)\n\nCVSS score: 7.5 (High)\n\nBIG-IP and BIG-IQ are vulnerable to cross-site request forgery (CSRF) attacks through iControl SOAP.\n\n * [K24301698: TMUI XSS vulnerability CVE-2021-23027](<https://support.f5.com/csp/article/K24301698>)\n\nCVSS score: 7.5 (High)\n\nA DOM based cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user.\n\n * [K00602225: BIG-IP Advanced WAF and ASM vulnerability CVE-2021-23028](<https://support.f5.com/csp/article/K00602225>)\n\nCVSS score: 7.5 (High)\n\nWhen JSON content profiles are configured for URLs as part of an F5 Advanced Web Application Firewall (WAF)/BIG-IP ASM security policy and applied to a virtual server, undisclosed requests may cause the BIG-IP ASM bd process to terminate.\n\n * [K52420610: BIG-IP Advanced WAF and ASM TMUI vulnerability CVE-2021-23029](<https://support.f5.com/csp/article/K52420610>)\n\nCVSS score: 7.5 (High)\n\nInsufficient permission checks may allow authenticated users with guest privileges to perform Server-Side Request Forgery (SSRF) attacks through F5 Advanced Web Application Firewall (WAF) and the BIG-IP ASM Configuration utility.\n\n * [K42051445: BIG-IP Advanced WAF and ASM Websocket vulnerability CVE-2021-23030](<https://support.f5.com/csp/article/K42051445>)\n\nCVSS score: 7.5 (High)\n\nWhen a WebSocket profile is configured on a virtual server, undisclosed requests can cause bd to terminate.\n\n * [K41351250: BIG-IP Advanced WAF and ASM TMUI vulnerability CVE-2021-23031](<https://support.f5.com/csp/article/K41351250>)\n\nCVSS score: 8.8 (High) / 9.9 (Appliance Mode Only) \n**Note**: The limited number of customers using Appliance Mode will have Scope: Changed, which raises the CVSSv3 score to 9.9. For information on Appliance mode, refer to [K12815: Overview of Appliance mode](<https://support.f5.com/csp/article/K12815>).\n\nAn authenticated user may perform a privilege escalation on BIG-IP Advanced WAF and ASM TMUI.\n\n * [K45407662: BIG-IP DNS vulnerability CVE-2021-23032](<https://support.f5.com/csp/article/K45407662>)\n\nCVSS score: 7.5 (High)\n\nWhen a BIG-IP DNS system is configured with non-default Wide IP and pool settings, undisclosed DNS responses can cause the Traffic Management Microkernel (TMM) to terminate.\n\n * [K05314769: BIG-IP Advanced WAF and ASM Websocket vulnerability CVE-2021-23033](<https://support.f5.com/csp/article/K05314769>)\n\nCVSS score: 7.5 (High)\n\nWhen a WebSocket profile is configured on a virtual server, undisclosed requests can cause bd to terminate.\n\n * [K30523121: BIG-IP TMM vulnerability CVE-2021-23034](<https://support.f5.com/csp/article/K30523121>)\n\nCVSS score: 7.5 (High)\n\nWhen a DNS profile using a DNS cache resolver is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) process to terminate.\n\n * [K70415522: TMM vulnerability CVE-2021-23035](<https://support.f5.com/csp/article/K70415522>)\n\nCVSS score: 7.5 (High)\n\nWhen an HTTP profile is configured on a virtual server, after a specific sequence of packets, chunked responses can cause the Traffic Management Microkernel (TMM) to terminate.\n\n * [K05043394: TMM vulnerability CVE-2021-23036](<https://support.f5.com/csp/article/K05043394>)\n\nCVSS score: 7.5 (High)\n\nWhen a BIG-IP ASM and DataSafe profile are configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate.\n\n * [K21435974: TMUI XSS vulnerability CVE-2021-23037](<https://support.f5.com/csp/article/K21435974>)\n\nCVSS score: 7.5 (High)\n\nA reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user.\n\nMedium CVEs\n\n * [K61643620: BIG-IP TMUI XSS vulnerability CVE-2021-23038](<https://support.f5.com/csp/article/K61643620>)\n\nCVSS score: 6.8 (Medium)\n\nA stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user.\n\n * [K66782293: TMM vulnerability CVE-2021-23039](<https://support.f5.com/csp/article/K66782293>)\n\nCVSS score: 6.5 (Medium)\n\nWhen IPSec is configured on a BIG-IP system, undisclosed requests from an authorized remote (IPSec) peer, which already has a negotiated Security Association, can cause the Traffic Management Microkernel (TMM) to terminate.\n\n * [K94255403: BIG-IP AFM vulnerability CVE-2021-23040](<https://support.f5.com/csp/article/K94255403>)\n\nCVSS score: 5.4 (Medium)\n\nA SQL injection vulnerability exists in an undisclosed page of the BIG-IP Configuration utility. This issue is exposed only when BIG-IP AFM is provisioned.\n\n * [K42526507: BIG-IP TMUI vulnerability CVE-2021-23041](<https://support.f5.com/csp/article/K42526507>)\n\nCVSS score: 4.7 (Medium)\n\nA DOM based cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to execute JavaScript in the context of the current logged-in user.\n\n * [K93231374: BIG-IP HTTP vulnerability CVE-2021-23042](<https://support.f5.com/csp/article/K93231374>)\n\nCVSS score: 5.3 (Medium)\n\nWhen an HTTP profile is configured on a virtual server, undisclosed requests can cause a significant increase in system resource utilization.\n\n * [K63163637: BIG-IP TMUI vulnerability CVE-2021-23043](<https://support.f5.com/csp/article/K63163637>)\n\nCVSS score: 4.3 (Medium)\n\nA directory traversal vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to access arbitrary files.\n\n * [K35408374: BIG-IP compression driver vulnerability CVE-2021-23044](<https://support.f5.com/csp/article/K35408374>)\n\nCVSS score: 5.9 (Medium)\n\nWhen the Intel QuickAssist Technology (QAT) compression driver is used on affected BIG-IP hardware and BIG-IP Virtual Edition (VE) platforms, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate.\n\n * [K94941221: TMM SCTP vulnerability CVE-2021-23045](<https://support.f5.com/csp/article/K94941221>)\n\nCVSS score: 5.3 (Medium)\n\nWhen an SCTP profile with multiple paths is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate.\n\n * [K70652532: F5 BIG-IP Guided Configuration logging vulnerability CVE-2021-23046](<https://support.f5.com/csp/article/K70652532>)\n\nCVSS score: 4.9 (Medium)\n\nWhen a configuration that contains secure properties is created and deployed from Access Guided Configuration (AGC), secure properties are logged in restnoded logs.\n\n * [K79428827: BIG-IP APM OCSP vulnerability CVE-2021-23047](<https://support.f5.com/csp/article/K79428827>)\n\nCVSS score: 5.3 (Medium)\n\nWhen BIG-IP APM performs Online Certificate Status Protocol (OCSP) verification of a certificate that contains Authority Information Access (AIA), undisclosed requests may cause an increase in memory use.\n\n * [K19012930: TMM GTP vulnerability CVE-2021-23048](<https://support.f5.com/csp/article/K19012930>)\n\nCVSS score: 5.9 (Medium)\n\nWhen GPRS Tunneling Protocol (GTP) iRules commands or a GTP profile is configured on a virtual server, undisclosed GTP messages can cause the Traffic Management Microkernel (TMM) to terminate.\n\n * [K65397301: iRule RESOLVER::summarize memory leak vulnerability CVE-2021-23049](<https://support.f5.com/csp/article/K65397301>)\n\nCVSS score: 5.3 (Medium)\n\nWhen the iRules RESOLVER::summarize command is used on a virtual server, undisclosed requests can cause an increase in Traffic Management Microkernel (TMM) memory utilization resulting in an out-of-memory condition and a denial-of-service (DoS).\n\n * [K44553214: Web application firewall vulnerability CVE-2021-23050](<https://support.f5.com/csp/article/K44553214>)\n\nCVSS score: 5.9 (Medium)\n\nWhen a cross-site request forgery (CSRF)-enabled policy is configured on a virtual server, an undisclosed HTML response may cause the BIG-IP ASM bd process to terminate.\n\n * [K01153535: BIG-IP AWS vulnerability CVE-2021-23051](<https://support.f5.com/csp/article/K01153535>)\n\nCVSS score: 5.9 (Medium)\n\nWhen the Data Plane Development Kit (DPDK)/Elastic Network Adapter (ENA) driver is used with BIG-IP on Amazon Web Services (AWS) systems, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. This is due to an incomplete fix for CVE-2020-5862.\n\n * [K32734107: BIG-IP APM vulnerability CVE-2021-23052](<https://support.f5.com/csp/article/K32734107>)\n\nCVSS score: 6.1 (Medium)\n\nAn open redirect vulnerability exists on virtual servers enabled with a BIG-IP APM access policy. This vulnerability allows an unauthenticated malicious user to build an open redirect URI.\n\nLow CVEs\n\n * [K36942191: BIG-IP Advanced WAF and ASM MySQL database vulnerability CVE-2021-23053](<https://support.f5.com/csp/article/K36942191>)\n\nCVSS score: 3.7 (Low)\n\nWhen the brute force protection feature of ASM/Adv WAF is enabled on a virtual server and the virtual server is under brute force attack, the MySQL database may run out of disk space due to lack of row limit on undisclosed tables in the MYSQL database.\n\nSecurity Exposures\n\n * [K14903688: BIG-IP SSL Profile OCSP Authentication security exposure](<https://support.f5.com/csp/article/K14903688>)\n\nThe BIG-IP system does not properly verify the revocation of intermediate CA certificates when querying Online Certificate Status Protocol (OCSP) servers and may allow unauthorized connections.\n\n * [K49549213: The BIG-IP Advanced WAF and ASM brute force mitigation may fail when receiving a specially crafted request](<https://support.f5.com/csp/article/K49549213>)\n\nF5 Advanced Web Application Firewall (WAF) and BIG-IP ASM brute force mitigation may fail.\n\n * [K48321015: The BIG-IP Advanced WAF and ASM systems may fail to correctly enforce HTML form login pages](<https://support.f5.com/csp/article/K48321015>)\n\nThe BIG-IP Advanced WAF and ASM systems may fail to correctly enforce HTML form login pages when the request contains an incorrectly formatted parameter. This issue occurs when the security policy includes a configuration that enables brute force protection for the HTML form login page.\n\n * [K30150004: The attack signature check may fail to detect and block malicious requests](<https://support.f5.com/csp/article/K30150004>)\n\nThe attack signature check may fail to detect and block malicious request containing certain decimal-coded characters.\n\n * [K30291321: The attack signature check may fail to detect and block illegal requests.](<https://support.f5.com/csp/article/K30291321>)\n\nThe attack signature check may fail to detect and block illegal requests.\n\n * [K05391775: The BIG-IP ASM system may not properly perform attack signature checks](<https://support.f5.com/csp/article/K05391775>)\n\nThe BIG-IP ASM system may not properly perform attack signature checks on request and response content.\n\nThe following table provides key information for each vulnerability to assist in determining which are pertinent to your network.\n\n**Note**: For security and sustainability, your best update choice is the latest maintenance release of a Long-Term Stability Release version.\n\n * Long-Term Stability Release versions have 1 for their minor release number (x.1.x), and they are not available for a period of time after a major release (x.0.x).\n * The latest maintenance release of a Long-Term Stability Release version (x.1.latest) can be between x.1.0 and x.1.n.\n\nUpdating to maintenance or point releases (x.1.x.x) for a Long-Term Stability Release version does not introduce changes in existing default behavior.\n\nF5 recommends that you update or upgrade your BIG-IP appliances to at least BIG-IP 14.1.0 and your BIG-IP VEs to at least BIG-IP 15.1.0. For more information, see the release notes for [BIG-IP 14.1.0](<https://techdocs.f5.com/kb/en-us/products/big-ip_ltm/releasenotes/product/relnote-bigip-14-1-0.html>) and [BIG-IP 15.1.0](<https://techdocs.f5.com/kb/en-us/products/big-ip_ltm/releasenotes/product/relnote-bigip-15-1-0.html>).\n\nHigh CVEs\n\nCVE / Bug ID | Severity | CVSS score | Affected products | Affected versions1 | Fixes introduced in \n---|---|---|---|---|--- \n[CVE-2021-23025](<https://support.f5.com/csp/article/K55543151>) | High | 7.2 | BIG-IP (all modules) | 15.0.0 - 15.1.0 \n14.1.0 - 14.1.3 \n13.1.0 - 13.1.3 \n12.1.0 - 12.1.6 \n11.6.1 - 11.6.5 | 16.0.0 \n15.1.0.5 \n14.1.3.1 \n13.1.3.5 \n[CVE-2021-23026](<https://support.f5.com/csp/article/K53854428>) | High | 7.5 | BIG-IP (all modules) | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.2 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 \n11.6.1 - 11.6.5 | 16.1.0 \n16.0.1.2 \n15.1.3 \n14.1.4.2 \n13.1.4.1 \nBIG-IQ | 8.0.0 - 8.1.0 \n7.0.0 - 7.1.0 \n6.0.0 - 6.1.0 | None \n[CVE-2021-23027](<https://support.f5.com/csp/article/K24301698>) | High | 7.5 | BIG-IP (all modules) | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.2 \n14.1.0 - 14.1.4 | 16.1.0 \n16.0.1.2 \n15.1.3.1 \n14.1.4.3 \n[CVE-2021-23028](<https://support.f5.com/csp/article/K00602225>) | High | 7.5 | BIG-IP (Advanced WAF, ASM) | 16.0.1 \n15.1.1 - 15.1.3 \n14.1.3.1 - 14.1.4.1 \n13.1.3.5 - 13.1.3.6 | 16.1.0 \n16.0.1.2 \n15.1.3.1 \n14.1.4.2 \n13.1.4 \n[CVE-2021-23029](<https://support.f5.com/csp/article/K52420610>) | High | 7.5 | BIG-IP (Advanced WAF, ASM) | 16.0.0 - 16.0.1 | 16.1.0 \n16.0.1.2 \n[CVE-2021-23030](<https://support.f5.com/csp/article/K42051445>) | High | 7.5 | BIG-IP (Advanced WAF, ASM) | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.3 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 | 16.1.0 \n16.0.1.2 \n15.1.3.1 \n14.1.4.3 \n13.1.4.1 \n[CVE-2021-23031](<https://support.f5.com/csp/article/K41351250>) | \n\nHigh\n\n\\--\n\nCritical - Appliance mode only2\n\n| \n\n8.8\n\n\\--\n\n9.92\n\n| BIG-IP (Advanced WAF, ASM) | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.2 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.3 \n12.1.0 - 12.1.5 \n11.6.1 - 11.6.5 | 16.1.0 \n16.0.1.2 \n15.1.3 \n14.1.4.1 \n13.1.4 \n12.1.6 \n11.6.5.3 \n[CVE-2021-23032](<https://support.f5.com/csp/article/K45407662>) | High | 7.5 | BIG-IP (DNS) | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.3 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 | 16.1.0 \n15.1.3.1 \n14.1.4.4 \n13.1.5 \n[CVE-2021-23033](<https://support.f5.com/csp/article/K05314769>) | High | 7.5 | BIG-IP (Advanced WAF, ASM) | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.3 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 | 16.1.0 \n15.1.3.1 \n14.1.4.3 \n13.1.4.1 \n[CVE-2021-23034](<https://support.f5.com/csp/article/K30523121>)3 | High | 7.5 | BIG-IP (all modules) | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.3 | 16.1.0 \n15.1.3.1 \n[CVE-2021-23035](<https://support.f5.com/csp/article/K70415522>) | High | 7.5 | BIG-IP (all modules) | 14.1.0 - 14.1.4 | 14.1.4.4 \n[CVE-2021-23036](<https://support.f5.com/csp/article/K05043394>) | High | 7.5 | BIG-IP (Advanced WAF, ASM, DataSafe) | 16.0.0 - 16.0.1 | 16.1.0 \n16.0.1.2 \n[CVE-2021-23037](<https://support.f5.com/csp/article/K21435974>) | High | 7.5 | BIG-IP (all modules) | 16.0.0 - 16.1.1 \n15.1.0 - 15.1.4 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 \n11.6.1 - 11.6.5 | 16.1.2 \n15.1.4.1 \n14.1.4.5 \n13.1.5 \n[CVE-2021-23038](<https://support.f5.com/csp/article/K61643620>) | Medium | 6.8 | BIG-IP (all modules) | 16.0.0 - 16.0.1 \n15.0.0 - 15.1.3 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 | 16.1.0 \n16.0.1.2 \n15.1.3.1 \n14.1.4.2 \n13.1.4.1 \n[CVE-2021-23039](<https://support.f5.com/csp/article/K66782293>) | Medium | 6.5 | BIG-IP (all modules) | 16.0.0 - 16.0.1 \n15.0.0 - 15.1.2 \n14.1.0 - 14.1.2 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 | 16.1.0 \n16.0.1.2 \n15.1.3 \n14.1.2.8 \n13.1.5 \n[CVE-2021-23040](<https://support.f5.com/csp/article/K94255403>) | Medium | 5.4 | BIG-IP AFM | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.2 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.3 \n12.1.0 - 12.1.6 | 16.1.0 \n16.0.1.2 \n15.1.3 \n14.1.4.2 \n13.1.4.1 \n[CVE-2021-23041](<https://support.f5.com/csp/article/K42526507>) | Medium | 4.7 | BIG-IP (all modules) | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.2 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 | 16.1.0 \n16.0.1.2 \n15.1.3 \n14.1.4.2 \n13.1.4.1 \n[CVE-2021-23042](<https://support.f5.com/csp/article/K93231374>) | Medium | 5.3 | BIG-IP (all modules) | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.2 \n14.1.0 - 14.1.3 \n13.1.0 - 13.1.3 \n12.1.0 - 12.1.5 | 16.1.0 \n16.0.1.2 \n15.1.3 \n14.1.4 \n13.1.4 \n12.1.6 \n[CVE-2021-23043](<https://support.f5.com/csp/article/K63163637>) | Medium | 4.3 | BIG-IP (all modules) | 16.0.0 - 16.1.1 \n15.1.0 - 15.1.4 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 \n11.6.1 - 11.6.5 | 16.1.2 \n15.1.4.1 \n14.1.4.5 \n13.1.5 \n[CVE-2021-23044](<https://support.f5.com/csp/article/K35408374>) | Medium | 5.9 | BIG-IP (all modules) | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.3 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 \n11.6.1 - 11.6.5 | 16.1.0 \n15.1.3.1 \n14.1.4.2 \n13.1.4.1 \n[CVE-2021-23045](<https://support.f5.com/csp/article/K94941221>) | Medium | 5.3 | BIG-IP (all modules) | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.2 \n14.1.0 - 14.1.3 \n13.1.0 - 13.1.3 \n12.1.0 - 12.1.5 | 16.1.0 \n16.0.1.2 \n15.1.3.1 \n14.1.4.3 \n13.1.4.1 \n[CVE-2021-23046](<https://support.f5.com/csp/article/K70652532>) | Medium | 4.9 | BIG-IP (Guided Configuration) | 7.0 \n6.0 \n5.0 \n4.1 \n3.0 | 8.0 \nBIG-IP APM5 | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.3 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 | 16.1.0 \n[CVE-2021-23047](<https://support.f5.com/csp/article/K79428827>) | Medium | 5.3 | BIG-IP APM | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.3 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 \n11.6.1 - 11.6.5 | 16.1.0 \n15.1.3.1 \n14.1.4.3 \n13.1.5 \n[CVE-2021-23048](<https://support.f5.com/csp/article/K19012930>) | Medium | 5.9 | BIG-IP (all modules) | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.3 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.5 \n11.6.1 - 11.6.5 | 16.1.0 \n16.0.1.2 \n15.1.3.1 \n14.1.4.3 \n13.1.4.1 \n[CVE-2021-23049](<https://support.f5.com/csp/article/K65397301>) | Medium | 5.3 | BIG-IP (all modules) | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.2 | 16.1.0 \n16.0.1.2 \n15.1.3 \n[CVE-2021-23050](<https://support.f5.com/csp/article/K44553214>) | Medium | 5.9 | BIG-IP (Advanced WAF, ASM) | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.3 | 16.1.0 \n16.0.1.2 \n15.1.3.1 \nNGINX App Protect | 3.0.0 - 3.4.0 \n2.0.0 - 2.3.0 \n1.0.0 - 1.3.0 | 3.5.0 \n[CVE-2021-23051](<https://support.f5.com/csp/article/K01153535>) | Medium | 5.9 | BIG-IP (all modules) | 15.1.0.4 - 15.1.3 | 16.0.0 \n15.1.3.1 \n[CVE-2021-23052](<https://support.f5.com/csp/article/K32734107>) | Medium | 6.1 | BIG-IP APM | 14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 | 14.1.4.4 \n13.1.5 \n[CVE-2021-23053](<https://support.f5.com/csp/article/K36942191>) | Low | 3.7 | BIG-IP (Advanced WAF, ASM) | 15.1.0 - 15.1.2 \n14.1.0 - 14.1.3 \n13.1.0 - 13.1.3 | 16.0.0 \n15.1.3 \n14.1.3.1 \n13.1.3.6 \n[ID 889601](<https://support.f5.com/csp/article/K14903688>) | Not applicable | Not applicable | BIG-IP (all modules) | 16.0.0 - 16.0.1 \n15.0.0 - 15.1.2 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.3 | 16.1.0 \n16.0.1.2 \n15.1.3 \n14.1.4 \n13.1.4 \n[ID 928685](<https://support.f5.com/csp/article/K49549213>) | Not applicable | Not applicable | BIG-IP (Advanced WAF, ASM) | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.2 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.3 \n12.1.0 - 12.1.6 \n11.6.1 - 11.6.5 | 16.1.0 \n16.0.1.2 \n15.1.3 \n14.1.4.2 \n13.1.4.1 \n[ID 929001](<https://support.f5.com/csp/article/K48321015>) | Not applicable | Not applicable | BIG-IP (Advanced WAF, ASM) | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.2 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.3 \n12.1.0 - 12.1.5 \n11.6.1 - 11.6.5 | 16.1.0 \n16.0.1.2 \n15.1.3 \n14.1.4.1 \n13.1.4 \n12.1.6 \n11.6.5.3 \n[ID 943913](<https://support.f5.com/csp/article/K30150004>) \n[WAFMC-4566](<https://support.f5.com/csp/article/K30150004>) | Not applicable | Not applicable | BIG-IP (Advanced WAF, ASM) | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.3 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 \n11.6.1 - 11.6.5 | 16.1.0 \n16.0.1.2 \n15.1.3.1 \n14.1.4.2 \n13.1.4.1 \nNGINX App Protect | 3.0.0 - 3.4.0 \n2.0.0 - 2.3.0 \n1.0.0 - 1.3.0 | 3.5.0 \n[ID 968421](<https://support.f5.com/csp/article/K30291321>) | Not applicable | Not applicable | BIG-IP (Advanced WAF, ASM) | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.2 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.5 \n11.6.1 - 11.6.5 | 16.1.0 \n16.0.1.2 \n15.1.2.1 \n14.1.4.2 \n13.1.4.1 \n12.1.6 \n11.6.5.3 \nNGINX App Protect | 2.0.0 - 2.1.0 \n1.0.0 - 1.3.0 | 2.2.0 \n[ID 987157](<https://support.f5.com/csp/article/K05391775>) | Not applicable | Not applicable | BIG-IP (Advanced WAF, ASM) | 13.1.0 -13.1.4 | 13.1.5 \n \n1F5 evaluates only software versions that have not yet reached the End of Technical Support (EoTS) phase of their lifecycle.\n\n2The limited number of customers using Appliance Mode will have Scope: Changed, which raises the CVSSv3 score to 9.9. For information on Appliance mode, refer to [K12815: Overview of Appliance mode](<https://support.f5.com/csp/article/K12815>).\n\n3The fix for this issue may cause a loss of functionality when the iRule command [RESOLV::lookup](<https://clouddocs.f5.com/api/irules/RESOLV__lookup.html>) is used. The iRule command **RESOLV::lookup** is deprecated as of BIG-IP 15.1.0; F5 recommends that customers update their iRules in favor of the [RESOLVER](<https://clouddocs.f5.com/api/irules/RESOLVER.html>) and [DNSMSG](<https://clouddocs.f5.com/api/irules/DNSMSG.html>) namespaces.\n\nFor more information on the specific conditions that result in a loss of behavior, refer to the following Bug Tracker items:\n\n * [Bug ID 1010697](<https://cdn.f5.com/product/bugtracker/ID1010697.html>)\n * [Bug ID 1037005](<https://cdn.f5.com/product/bugtracker/ID1037005.html>)\n * [Bug ID 1038921](<https://cdn.f5.com/product/bugtracker/ID1038921.html>)\n\n4This issue has been fixed in an engineering hotfix available for supported versions of the BIG-IP system. Customers affected by this issue can request a hotfix from F5 Support on the latest supported versions of the BIG-IP system.\n\n5You can independently upgrade F5 Guided Configuration without upgrading the entire BIG-IP system. To address this vulnerability, you can download and install an F5 Guided Configuration version listed in the **Fixed introduced in** column. For more information on how to upgrade F5 Guided Configuration and its supported upgrade path, refer to [K85454683: Upgrading F5 Guided Configuration on BIG-IP** **](<https://support.f5.com/csp/article/K85454683>)and [K06258575: Supported upgrade path for Guided Configuration](<https://support.f5.com/csp/article/K06258575>).\n", "published": "2021-08-24T13:55:00", "modified": "2022-04-20T04:11:00", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.1}, "severity": "HIGH", "exploitabilityScore": 8.6, "impactScore": 6.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.9, "baseSeverity": "CRITICAL"}, "exploitabilityScore": 3.1, "impactScore": 6.0}, "href": "https://support.f5.com/csp/article/K50974556", "reporter": "f5", "references": [], "cvelist": ["CVE-2020-5862", "CVE-2021-23025", "CVE-2021-23026", "CVE-2021-23027", "CVE-2021-23028", "CVE-2021-23029", "CVE-2021-23030", "CVE-2021-23031", "CVE-2021-23032", "CVE-2021-23033", "CVE-2021-23034", "CVE-2021-23035", "CVE-2021-23036", "CVE-2021-23037", "CVE-2021-23038", "CVE-2021-23039", "CVE-2021-23040", "CVE-2021-23041", "CVE-2021-23042", "CVE-2021-23043", "CVE-2021-23044", "CVE-2021-23045", "CVE-2021-23046", "CVE-2021-23047", "CVE-2021-23048", "CVE-2021-23049", "CVE-2021-23050", "CVE-2021-23051", "CVE-2021-23052", "CVE-2021-23053"], "immutableFields": [], "lastseen": "2022-04-20T05:39:24", "viewCount": 50, "enchantments": {"dependencies": {"references": [{"type": "cnvd", "idList": ["CNVD-2021-65621", "CNVD-2021-65622", "CNVD-2021-65623", "CNVD-2021-65624", "CNVD-2021-65625", "CNVD-2021-65632", "CNVD-2021-65633", "CNVD-2021-65634", "CNVD-2021-65635", "CNVD-2021-65636", "CNVD-2021-65637", "CNVD-2021-65638", "CNVD-2021-65639", "CNVD-2021-65640", "CNVD-2021-65641", "CNVD-2021-65642", "CNVD-2021-65643", "CNVD-2021-65644", "CNVD-2021-65645", "CNVD-2021-65646", "CNVD-2021-65647", "CNVD-2021-65648", "CNVD-2021-65649", "CNVD-2021-65650", "CNVD-2021-65651", "CNVD-2021-65652", "CNVD-2021-65653", "CNVD-2021-65654", "CNVD-2021-65655"]}, {"type": "cve", "idList": ["CVE-2020-5862", "CVE-2021-23025", "CVE-2021-23026", "CVE-2021-23027", "CVE-2021-23028", "CVE-2021-23029", "CVE-2021-23030", "CVE-2021-23031", "CVE-2021-23032", "CVE-2021-23033", "CVE-2021-23034", "CVE-2021-23035", "CVE-2021-23036", "CVE-2021-23037", "CVE-2021-23038", "CVE-2021-23039", "CVE-2021-23040", "CVE-2021-23041", "CVE-2021-23042", "CVE-2021-23043", "CVE-2021-23044", "CVE-2021-23045", "CVE-2021-23046", "CVE-2021-23047", "CVE-2021-23048", "CVE-2021-23049", "CVE-2021-23050", "CVE-2021-23051", "CVE-2021-23052", "CVE-2021-23053"]}, {"type": "f5", "idList": ["F5:K00602225", "F5:K01054113", "F5:K01153535", "F5:K05043394", "F5:K05314769", "F5:K19012930", "F5:K21435974", "F5:K24301698", "F5:K30523121", "F5:K32734107", "F5:K35408374", "F5:K36942191", "F5:K41351250", "F5:K42051445", "F5:K42526507", "F5:K44553214", "F5:K45407662", "F5:K52420610", "F5:K53854428", "F5:K55543151", "F5:K61643620", "F5:K63163637", "F5:K65397301", "F5:K66782293", "F5:K70415522", "F5:K70652532", "F5:K79428827", "F5:K93231374", "F5:K94255403", "F5:K94941221"]}, {"type": "nessus", "idList": ["F5_BIGIP_SOL01054113.NASL", "F5_BIGIP_SOL01153535.NASL", "F5_BIGIP_SOL05043394.NASL", "F5_BIGIP_SOL05314769.NASL", "F5_BIGIP_SOL21435974.NASL", "F5_BIGIP_SOL32734107.NASL", "F5_BIGIP_SOL36942191.NASL", "F5_BIGIP_SOL41351250.NASL", "F5_BIGIP_SOL42051445.NASL", "F5_BIGIP_SOL44553214.NASL", "F5_BIGIP_SOL52420610.NASL", "F5_BIGIP_SOL55543151.NASL", "F5_BIGIP_SOL63163637.NASL", "F5_BIGIP_SOL66782293.NASL", "F5_BIGIP_SOL70652532.NASL", "F5_BIGIP_SOL79428827.NASL", "F5_BIGIP_SOL93231374.NASL", "F5_BIGIP_SOL94255403.NASL", "F5_BIGIP_SOL94941221.NASL"]}, {"type": "thn", "idList": ["THN:AB6AF941A4E7A9700ED2262D095F402F"]}, {"type": "threatpost", "idList": ["THREATPOST:3132894F3650D97BBD8B8F473D9F1F4E"]}]}, "score": {"value": 0.2, "vector": "NONE"}, "backreferences": {"references": [{"type": "canvas", "idList": ["NGINX"]}, {"type": "cisa", "idList": ["CISA:CCE702270C97E30FBBDF2CA8B6F50485"]}, {"type": "cve", "idList": ["CVE-2020-5862"]}, {"type": "f5", "idList": ["F5:K00602225", "F5:K01054113", "F5:K01153535", "F5:K05043394", "F5:K05314769", "F5:K19012930", "F5:K21435974", "F5:K24301698", "F5:K30523121", "F5:K32734107", "F5:K35408374", "F5:K36942191", "F5:K41351250", "F5:K42051445", "F5:K42526507", "F5:K44553214", "F5:K45407662", "F5:K52420610", "F5:K53854428", "F5:K55543151", "F5:K61643620", "F5:K63163637", "F5:K65397301", "F5:K66782293", "F5:K70415522", "F5:K70652532", "F5:K79428827", "F5:K93231374", "F5:K94255403", "F5:K94941221"]}, {"type": "nessus", "idList": ["F5_BIGIP_SOL01054113.NASL", "F5_BIGIP_SOL05043394.NASL", "F5_BIGIP_SOL05314769.NASL", "F5_BIGIP_SOL32734107.NASL", "F5_BIGIP_SOL36942191.NASL", "F5_BIGIP_SOL41351250.NASL", "F5_BIGIP_SOL42051445.NASL", "F5_BIGIP_SOL44553214.NASL", "F5_BIGIP_SOL52420610.NASL", "F5_BIGIP_SOL70652532.NASL", "F5_BIGIP_SOL79428827.NASL", "F5_BIGIP_SOL93231374.NASL", "F5_BIGIP_SOL94255403.NASL", "F5_BIGIP_SOL94941221.NASL"]}, {"type": "thn", "idList": ["THN:AB6AF941A4E7A9700ED2262D095F402F"]}, {"type": "threatpost", "idList": ["THREATPOST:3132894F3650D97BBD8B8F473D9F1F4E"]}]}, "exploitation": null, "affected_software": {"major_version": []}, "vulnersScore": 0.2}, "_state": {"dependencies": 1669649253, "score": 1669649702, "affected_software_major_version": 1669649783}, "_internal": {"score_hash": "48e51c377b90e318cd16509cc3aa5d2b"}, "affectedSoftware": []}

{"threatpost": [{"lastseen": "2021-08-26T23:21:16", "description": "Application delivery and networking firm F5 released a baker\u2019s dozen of 13 fixes for high-severity bugs, including one that could lead to complete system takeover and hence is boosted to \u201ccritical\u201d for customers that run BIG-IP in Appliance Mode, given that an attacker that holds valid credentials can bypass Appliance Mode restrictions.\n\nF5 \u2013 maker of near-ubiquitously installed enterprise networking gear \u2013 released nearly 30 vulnerabilities for multiple devices in its [August security updates](<https://support.f5.com/csp/article/K50974556>).\n\nThe worst of the bunch is tracked as [CVE-2021-23031](<https://support.f5.com/csp/article/K41351250>) and affects BIG-IP modules Advanced WAF (Web Application Firewall) and the Application Security Manager (ASM) \u2013 specifically, the Traffic Management User Interface (TMUI).\n\n[](<https://threatpost.com/infosec-insider-subscription-page/?utm_source=ART&utm_medium=ART&utm_campaign=InfosecInsiders_Newsletter_Promo/>)\n\nF5 said that when the vulnerability is exploited, \u201can authenticated attacker with access to the Configuration utility can execute arbitrary system commands, create or delete files, and/or disable services,\u201d potentially leading to \u201ccomplete system compromise.\u201d\n\nCVE-2021-23031 normally entails a high rating of 8.8 severity, but that gets jacked up to 9.9 for just those customers that are using [Appliance mode](<https://support.f5.com/csp/article/K12815>). The Appliance mode adds technical restrictions and is designed to meet the needs of customers in \u201cespecially sensitive sectors\u201d by \u201climiting the BIG-IP system administrative access to match that of a typical network appliance and not a multi-user UNIX device.\u201d\n\nF5 lists a number of products that contain the affected code but aren\u2019t vulnerable, given that attackers can\u2019t exploit the code in default, standard or recommended configurations. F5 noted that there are a limited number of customers using it in the mode \u2013 i.e., Appliance mode \u2013 that elevates the vulnerability\u2019s CVSSv3 severity score to 9.9 (critical).\n\n## No Viable Mitigation\n\nF5 said that there\u2019s \u201cno viable mitigation\u201d that also allows users access to the Configuration utility, given that this attack can be pulled off by legitimate, authenticated users. The only way to mitigate is to pull the access of any users who aren\u2019t \u201ccompletely trusted,\u201d according to the advisory.\n\nCustomers who can\u2019t install a fixed version right off the bat can use the following temporary mitigations, which restrict access to the Configuration utility to only trusted networks or devices and thereby limit the attack surface:\n\n * [Block Configuration utility access through self IP addresses](<https://support.f5.com/csp/article/K41351250#proc1>)\n * [Block Configuration utility access through the management interface](<https://support.f5.com/csp/article/K41351250#proc2>)\n\nMichael Haugh, Vice President at network automation provider Gluware, told Threatpost that known vulnerabilities are challenging to respond to quickly or to mitigate speedily: As it is, network operation crews are \u201cunder the gun to keep the network highly available, secure and delivering the required performance for the business applications,\u201d he said. \u201cVendor vulnerabilities that require an OS Upgrade or patch can be very labor-intensive and potentially disruptive.\u201d\n\nVia email, Haugh observed that when it comes to a load balancer like F5, redundancy \u201cmust be part of the device\u201d and traffic \u201cmust be re-directed off an active device, taking it out of service to perform an upgrade.\u201d\n\nNot just once, mind you, but, often, multiple times: \u201cThis process often has to be repeated over dozens or even hundreds of devices depending on the organization. Having automated processes to pre-check, stage the image, gracefully execute the upgrades and complete post-checks can significantly improve the ability for NetOps to respond and execute a low-risk upgrade.\u201d\n\n## The Other Dozen Bugs\n\nBesides the critical CVE-2021-23031 flaw, the dozen high-severity security bugs addressed in this month\u2019s patch release and listed in the table below have risk scores of between 7.2 and 7.5. The flaws include authenticated remote command execution (RCE), cross-site scripting (XSS) and request forgery, as well as insufficient permission and denial-of-service (DOS).\n\nHalf of them affect all modules, five impact the Advanced WAF and ASM, and one affects the DNS module.\n\nCVE / Bug ID | Severity | CVSS score | Affected products | Affected versions | Fixes introduced in \n---|---|---|---|---|--- \n[CVE-2021-23025](<https://support.f5.com/csp/article/K55543151>) | High | 7.2 | BIG-IP (all modules) | 15.0.0 \u2013 15.1.0 \n14.1.0 \u2013 14.1.3 \n13.1.0 \u2013 13.1.3 \n12.1.0 \u2013 12.1.6 \n11.6.1 \u2013 11.6.5 | 16.0.0 \n15.1.0.5 \n14.1.3.1 \n13.1.3.5 \n[CVE-2021-23026](<https://support.f5.com/csp/article/K53854428>) | High | 7.5 | BIG-IP (all modules) | 16.0.0 \u2013 16.0.1 \n15.1.0 \u2013 15.1.2 \n14.1.0 \u2013 14.1.4 \n13.1.0 \u2013 13.1.4 \n12.1.0 \u2013 12.1.6 \n11.6.1 \u2013 11.6.5 | 16.1.0 \n16.0.1.2 \n15.1.3 \n14.1.4.2 \n13.1.4.1 \nBIG-IQ | 8.0.0 \u2013 8.1.0 \n7.0.0 \u2013 7.1.0 \n6.0.0 \u2013 6.1.0 | None \n[CVE-2021-23027](<https://support.f5.com/csp/article/K24301698>) | High | 7.5 | BIG-IP (all modules) | 16.0.0 \u2013 16.0.1 \n15.1.0 \u2013 15.1.2 \n14.1.0 \u2013 14.1.4 | 16.1.0 \n16.0.1.2 \n15.1.3.1 \n14.1.4.3 \n[CVE-2021-23028](<https://support.f5.com/csp/article/K00602225>) | High | 7.5 | BIG-IP (Advanced WAF, ASM) | 16.0.0 \u2013 16.0.1 \n15.1.0 \u2013 15.1.3 \n14.1.0 \u2013 14.1.4 \n13.1.0 \u2013 13.1.3 | 16.1.0 \n16.0.1.2 \n15.1.3.1 \n14.1.4.2 \n13.1.4 \n[CVE-2021-23029](<https://support.f5.com/csp/article/K52420610>) | High | 7.5 | BIG-IP (Advanced WAF, ASM) | 16.0.0 \u2013 16.0.1 | 16.1.0 \n16.0.1.2 \n[CVE-2021-23030](<https://support.f5.com/csp/article/K42051445>) | High | 7.5 | BIG-IP (Advanced WAF, ASM) | 16.0.0 \u2013 16.0.1 \n15.1.0 \u2013 15.1.3 \n14.1.0 \u2013 14.1.4 \n13.1.0 \u2013 13.1.4 \n12.1.0 \u2013 12.1.6 | 16.1.0 \n16.0.1.2 \n15.1.3.1 \n14.1.4.3 \n13.1.4.1 \n[CVE-2021-23031](<https://support.f5.com/csp/article/K41351250>) | High \n\n\u2014\n\nCritical \u2013 Appliance mode only\n\n| 8.8 \n\n\u2014\n\n9.9\n\n| BIG-IP (Advanced WAF, ASM) | 16.0.0 \u2013 16.0.1 \n15.1.0 \u2013 15.1.2 \n14.1.0 \u2013 14.1.4 \n13.1.0 \u2013 13.1.3 \n12.1.0 \u2013 12.1.5 \n11.6.1 \u2013 11.6.5 | 16.1.0 \n16.0.1.2 \n15.1.3 \n14.1.4.1 \n13.1.4 \n12.1.6 \n11.6.5.3 \n[CVE-2021-23032](<https://support.f5.com/csp/article/K45407662>) | High | 7.5 | BIG-IP (DNS) | 16.0.0 \u2013 16.0.1 \n15.1.0 \u2013 15.1.3 \n14.1.0 \u2013 14.1.4 \n13.1.0 \u2013 13.1.4 \n12.1.0 \u2013 12.1.6 | 16.1.0 \n15.1.3.1 \n14.1.4.4 \n[CVE-2021-23033](<https://support.f5.com/csp/article/K05314769>) | High | 7.5 | BIG-IP (Advanced WAF, ASM) | 16.0.0 \u2013 16.0.1 \n15.1.0 \u2013 15.1.3 \n14.1.0 \u2013 14.1.4 \n13.1.0 \u2013 13.1.4 \n12.1.0 \u2013 12.1.6 | 16.1.0 \n15.1.3.1 \n14.1.4.3 \n13.1.4.1 \n[CVE-2021-23034](<https://support.f5.com/csp/article/K30523121>) | High | 7.5 | BIG-IP (all modules) | 16.0.0 \u2013 16.0.1 \n15.1.0 \u2013 15.1.3 | 16.1.0 \n15.1.3.1 \n[CVE-2021-23035](<https://support.f5.com/csp/article/K70415522>) | High | 7.5 | BIG-IP (all modules) | 14.1.0 \u2013 14.1.4 | 14.1.4.4 \n[CVE-2021-23036](<https://support.f5.com/csp/article/K05043394>) | High | 7.5 | BIG-IP (Advanced WAF, ASM, DataSafe) | 16.0.0 \u2013 16.0.1 | 16.1.0 \n16.0.1.2 \n[CVE-2021-23037](<https://support.f5.com/csp/article/K21435974>) | High | 7.5 | BIG-IP (all modules) | 16.0.0 \u2013 16.1.0 \n15.1.0 \u2013 15.1.3 \n14.1.0 \u2013 14.1.4 \n13.1.0 \u2013 13.1.4 \n12.1.0 \u2013 12.1.6 \n11.6.1 \u2013 11.6.5 | None \n \n## CISA Security Advisory\n\nThe Cybersecurity and Infrastructure Security Agency (CISA) issued a [security advisory](<https://us-cert.cisa.gov/ncas/current-activity/2021/08/25/f5-releases-august-2021-security-advisory>) encouraging users and admins to review [F5\u2019s security advisory](<https://support.f5.com/csp/article/K50974556>) and to update the software or to apply mitigations ASAP.\n\n\u201cDon\u2019t delay\u201d is, of course, good advice when it comes to F5 equipment, given that the company\u2019s enterprise networking can be found in some of the largest tech companies in the world, including Facebook, Microsoft and Oracle. It\u2019s also found in the halls of a trove of Fortune 500 companies, including some of the world\u2019s biggest financial institutions and ISPs.\n\n## F5: Prime Pickings for Pests\n\nAll that gear is also gleefully picked apart by attackers. Case in point: [CVE 2020-5902](<https://threatpost.com/patch-critical-f5-flaw-active-attack/157164/>), a critical vulnerability in F5 Networks\u2019 BIG-IP advanced delivery controller networking devices that, as of July 2020, was being exploited by attackers to scrape credentials, launch malware and more, was recently featured in [CISA\u2019s list of top 30 bugs](<https://threatpost.com/cisa-top-bugs-old-enough-to-buy-beer/168247/>) \u201croutinely\u201d exploited in 2020 and into this year.\n\nJonathan Chua, application security consultant at app security provider nVisium, noted that F5 Big IP has been targeted by security researchers and adversaries due to the product\u2019s vulnerable, external nature. \u201cSeveral F5 application services can be hosted externally, allowing any internet user to attempt to connect to the service,\u201d he told Threatpost on Thusday. \u201cDue to the ease of accessibility and the amount of publicly known vulnerabilities associated with F5 applications, the service becomes a prime target for adversaries to break into a company\u2019s network via the external perimeter.\u201d\n\nHe pointed to the F5 Traffic Management User Interface (TMUI), which is [being actively exploited](<https://threatpost.com/critical-f5-big-ip-flaw-now-under-active-attack/164940/>), as one example. The service is often available on a company\u2019s external perimeter and contains a critical RCE vulnerability, he noted. \u201cAs a result, if the service is exploited, such service may provide external attackers an initial foothold in a company\u2019s internal network,\u201d Chua said in an email.\n\n082621 13:48 UPDATE: Added input from Jonathan Chua and Michael Haugh.\n\n_**Check out our free **_[_**upcoming live and on-demand webinar events**_](<https://threatpost.com/category/webinars/>)_** \u2013 unique, dynamic discussions with cybersecurity experts and the Threatpost community.**_\n", "cvss3": {}, "published": "2021-08-26T16:40:38", "type": "threatpost", "title": "F5 Bug Could Lead to Complete System Takeover", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2021-23025", "CVE-2021-23026", "CVE-2021-23027", "CVE-2021-23028", "CVE-2021-23029", "CVE-2021-23030", "CVE-2021-23031", "CVE-2021-23032", "CVE-2021-23033", "CVE-2021-23034", "CVE-2021-23035", "CVE-2021-23036", "CVE-2021-23037"], "modified": "2021-08-26T16:40:38", "id": "THREATPOST:3132894F3650D97BBD8B8F473D9F1F4E", "href": "https://threatpost.com/f5-critical-bug-system-takeover/168952/", "cvss": {"score": 0.0, "vector": "NONE"}}], "thn": [{"lastseen": "2022-05-09T12:37:23", "description": "[](<https://thehackernews.com/images/-gfgFxzl_oz8/YSd_vfZfXwI/AAAAAAAADqE/9iD9m1l_Ni4LUBNSEi0F4GZmnL4Tjf5fACLcBGAsYHQ/s0/f4.jpg>)\n\nEnterprise security and network appliance vendor F5 has released patches for more than [two dozen security vulnerabilities](<https://support.f5.com/csp/article/K50974556>) affecting multiple versions of BIG-IP and BIG-IQ devices that could potentially allow an attacker to perform a wide range of malicious actions, including accessing arbitrary files, escalating privileges, and executing JavaScript code.\n\nOf the 29 bugs addressed, 13 are high-severity flaws, 15 are rated medium, and one is rated low in severity.\n\nChief among them is [CVE-2021-23031](<https://support.f5.com/csp/article/K41351250>) (CVSS score: 8.8), a vulnerability affecting BIG-IP Advanced Web Application Firewall and BIG-IP Application Security Manager that allows an authenticated user to perform a privilege escalation.\n\n\"When this vulnerability is exploited, an authenticated attacker with access to the Configuration utility can execute arbitrary system commands, create or delete files, and/or disable services. This vulnerability may result in complete system compromise,\" F5 said in its advisory.\n\nIt's worth noting that for customers running the device in [Appliance Mode](<https://support.f5.com/csp/article/K12815>), which applies additional technical restrictions in sensitive sectors, the same vulnerability comes with a critical rating of 9.9 out of 10. \"As this attack is conducted by legitimate, authenticated users, there is no viable mitigation that also allows users access to the Configuration utility. The only mitigation is to remove access for users who are not completely trusted,\" the company said.\n\nThe other major vulnerabilities resolved by F5 are listed below -\n\n * **CVE-2021-23025** (CVSS score: 7.2) - Authenticated remote command execution vulnerability in BIG-IP Configuration utility\n * **CVE-2021-23026** (CVSS score: 7.5) - Cross-site request forgery (CSRF) vulnerability in iControl SOAP\n * **CVE-2021-23027 and CVE-2021-23037** (CVSS score: 7.5) - TMUI DOM-based and reflected cross-site scripting (XSS) vulnerabilities\n * **CVE-2021-23028** (CVSS score: 7.5) - BIG-IP Advanced WAF and ASM vulnerability\n * **CVE-2021-23029** (CVSS score: 7.5) - BIG-IP Advanced WAF and ASM TMUI vulnerability\n * **CVE-2021-23030 and CVE-2021-23033** (CVSS score: 7.5) - BIG-IP Advanced WAF and ASM Websocket vulnerabilities\n * **CVE-2021-23032** (CVSS score: 7.5) - BIG-IP DNS vulnerability\n * **CVE-2021-23034, CVE-2021-23035, and CVE-2021-23036** (CVSS score: 7.5) - Traffic Management Microkernel vulnerabilities\n\nAdditionally, F5 has also patched a number of flaws that range from directory traversal vulnerability and SQL injection to open redirect vulnerability and cross-site request forgery, as well as a MySQL database flaw that results in the database consuming more storage space than expected when brute-force protection features of the firewall are enabled.\n\nWith F5 devices often becoming [juicy](<https://thehackernews.com/2020/07/f5-big-ip-application-security.html>) [targets](<https://thehackernews.com/2021/03/latest-f5-big-ip-bug-under-active.html>) for active exploitation attempts by threat actors, it's highly recommended that users and administrators install updated software or apply the necessary mitigations as soon as possible. \n\n \n\n\nFound this article interesting? Follow THN on [Facebook](<https://www.facebook.com/thehackernews>), [Twitter _\uf099_](<https://twitter.com/thehackersnews>) and [LinkedIn](<https://www.linkedin.com/company/thehackernews/>) to read more exclusive content we post.\n", "cvss3": {"exploitabilityScore": 3.1, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 9.9, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-08-26T11:51:00", "type": "thn", "title": "F5 Releases Critical Security Patch for BIG-IP and BIG-IQ Devices", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23025", "CVE-2021-23026", "CVE-2021-23027", "CVE-2021-23028", "CVE-2021-23029", "CVE-2021-23030", "CVE-2021-23031", "CVE-2021-23032", "CVE-2021-23033", "CVE-2021-23034", "CVE-2021-23035", "CVE-2021-23036", "CVE-2021-23037"], "modified": "2021-08-27T07:48:49", "id": "THN:AB6AF941A4E7A9700ED2262D095F402F", "href": "https://thehackernews.com/2021/08/f5-releases-critical-security-patches.html", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}], "f5": [{"lastseen": "2022-07-27T20:42:50", "description": "When the Data Plane Development Kit (DPDK)/Elastic Network Adapter (ENA) driver is used with BIG-IP on Amazon Web Services (AWS) systems, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. This is due to an incomplete fix for CVE-2020-5862. ([CVE-2021-23051](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23051>))\n\nImpact\n\nTraffic is disrupted while the TMM process restarts. This vulnerability allows a remote attacker to cause a denial-of-service (DoS) on the BIG-IP system. There is no control plane exposure; this is a data plane issue only. This issue does not affect any other hardware, virtual platforms, or cloud providers, as the affected driver is specific to AWS.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-24T13:39:00", "type": "f5", "title": "BIG-IP AWS vulnerability CVE-2021-23051", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-5862", "CVE-2021-23051"], "modified": "2022-07-27T20:22:00", "id": "F5:K01153535", "href": "https://support.f5.com/csp/article/K01153535", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-04-19T16:57:44", "description": "When BIG-IP APM performs Online Certificate Status Protocol (OCSP) verification of a certificate that contains Authority Information Access (AIA), undisclosed requests may cause an increase in memory use. ([CVE-2021-23047](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23047>))\n\nImpact\n\nThis vulnerability allows a remote attacker to cause a degradation of service that may cause a denial-of-service (DoS) on the BIG-IP system and send OCSP AIA requests to the wrong server.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2021-08-24T13:31:00", "type": "f5", "title": "BIG-IP APM OCSP vulnerability CVE-2021-23047", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23047"], "modified": "2022-04-19T16:06:00", "id": "F5:K79428827", "href": "https://support.f5.com/csp/article/K79428827", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-09-01T12:57:43", "description": "When the Intel QuickAssist Technology (QAT) compression driver is used on affected BIG-IP hardware and BIG-IP Virtual Edition (VE) platforms, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. ([CVE-2021-23044](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23044>))\n\nImpact\n\nTraffic is disrupted while the TMM process restarts. This vulnerability allows a remote attacker to cause a denial-of-service (DoS) on the BIG-IP system. There is no control plane exposure; this is a data plane issue only.\n\nThis vulnerability applies to the following platforms:\n\n * i4000, i4600, i4800, YK i4000\n * i5000, i5600, i5800, HRC-i5000, HRC-i5800, i5820-DF\n * i7000, i7600, i7800, i7000-D, i7820-DF\n * i10000, i10600, i10800, i10000-D, HRC-i10800\n * i11000, i11600, i11800, i11000-DS, i11000-D\n * i15000, i15600, i15800, i15000-N\n * VIPRION B4400N blade\n * BIG-IP Virtual Edition (VE)\n\n**Note**: BIG-IP VE cryptographic and compression offload is a licensed feature available only on the KVM hypervisor. If you have licensed this feature (a BIG-IP VE using the affected Intel QAT hardware [Lewisburg and Lewis Hill QAT devices] with an affected Intel QAT SR-IOV VF driver included in the BIG-IP VE version) then the Intel QAT PF (Lewisburg and Lewis Hill QAT devices) driver installed on the host is vulnerable. Under this very explicit KVM scenario, a BIG-IP VE is vulnerable.\n", "cvss3": {}, "published": "2021-08-24T12:41:00", "type": "f5", "title": "BIG-IP compression driver vulnerability CVE-2021-23044", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2021-23044"], "modified": "2021-08-24T12:41:00", "id": "F5:K35408374", "href": "https://support.f5.com/csp/article/K35408374", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-09-01T12:57:42", "description": "When GPRS Tunneling Protocol (GTP) iRules commands or a GTP profile is configured on a virtual server, undisclosed GTP messages can cause the Traffic Management Microkernel (TMM) to terminate. ([CVE-2021-23048](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23048>)).\n\nImpact\n\nTraffic is disrupted while the TMM process restarts. This vulnerability allows a remote attacker to cause a denial-of-service (DoS) on the BIG-IP system. There is no control plane exposure; this is a data plane issue only.\n", "cvss3": {}, "published": "2021-08-24T13:34:00", "type": "f5", "title": "TMM GTP vulnerability CVE-2021-23048", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2021-23048"], "modified": "2021-08-24T13:34:00", "id": "F5:K19012930", "href": "https://support.f5.com/csp/article/K19012930", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-09-08T18:08:55", "description": "When the brute force protection feature of ASM/Adv WAF is enabled on a virtual server and the virtual server is under brute force attack, the MySQL database may run out of disk space due to lack of row limit on undisclosed tables in the MYSQL database. ([CVE-2021-23053](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23053>))\n\nImpact\n\nWhen attackers exploit this vulnerability, the MySQL database consumes more storage space than expected. As a result, the related configuration and reporting services in the Configuration utility, the TMOS Shell (**tmsh**), and iControl REST may fail to function as expected. Though the attack originates in the data plane, the attack impacts only the control plane.\n", "cvss3": {}, "published": "2021-08-24T12:46:00", "type": "f5", "title": "Advanced WAF and BIG-IP ASM MySQL database vulnerability CVE-2021-23053", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2021-23053"], "modified": "2021-09-08T17:07:00", "id": "F5:K36942191", "href": "https://support.f5.com/csp/article/K36942191", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-09-01T12:57:42", "description": "An open redirect vulnerability exists on virtual servers enabled with a BIG-IP APM access policy. This vulnerability allows an unauthenticated malicious user to build an open redirect URI. ([CVE-2021-23052](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23052>))\n\nImpact\n\nAn unauthenticated attacker can create an open redirect URI with a specially crafted value and trick BIG-IP APM users into visiting the crafted URI. Victims may be redirected to a malicious website by following the misleading URI.\n", "cvss3": {}, "published": "2021-08-24T13:42:00", "type": "f5", "title": "BIG-IP APM vulnerability CVE-2021-23052", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2021-23052"], "modified": "2021-08-24T13:42:00", "id": "F5:K32734107", "href": "https://support.f5.com/csp/article/K32734107", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-09-01T12:57:42", "description": "When the iRules RESOLVER::summarize** **command is used on a virtual server, undisclosed requests can cause an increase in Traffic Management Microkernel (TMM) memory utilization resulting in an out-of-memory condition and a denial-of-service (DoS). ([CVE-2021-23049](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-23049>))\n\nImpact\n\nSystem performance degradation can occur until the process is either forced to restart or manually restarted. This vulnerability allows a remote attacker to cause a degradation of service that can lead to a DoS on the BIG-IP system.\n", "cvss3": {}, "published": "2021-08-24T13:36:00", "type": "f5", "title": "iRules RESOLVER::summarize memory leak vulnerability CVE-2021-23049", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2021-23049"], "modified": "2021-08-24T13:36:00", "id": "F5:K65397301", "href": "https://support.f5.com/csp/article/K65397301", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-09-01T12:57:42", "description": "When an SCTP profile with multiple paths is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. ([CVE-2021-23045](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23045>))\n\nImpact\n\nTraffic is disrupted while the TMM process restarts. This vulnerability allows a remote attacker to cause a denial-of-service (DoS) on the BIG-IP system. There is no control plane exposure; this is a data plane issue only.\n", "cvss3": {}, "published": "2021-08-24T13:24:00", "type": "f5", "title": "TMM SCTP vulnerability CVE-2021-23045", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2021-23045"], "modified": "2021-08-24T13:24:00", "id": "F5:K94941221", "href": "https://support.f5.com/csp/article/K94941221", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-09-09T22:08:54", "description": "When a cross-site request forgery (CSRF)-enabled policy is configured on a virtual server, an undisclosed HTML response may cause the bd process to terminate. ([CVE-2021-23050](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23050>))\n\nImpact\n\nTraffic is disrupted until the **bd** process restarts. This vulnerability allows a remote attacker to cause a denial-of-service (DoS) on the web application firewall. There is no control plane exposure; this is a data plane issue only. For more information about the **bd** process, refer to the following articles for your web application firewall product:\n\n * [K14020: BIG-IP ASM daemons (11.x - 16.x)](<https://support.f5.com/csp/article/K14020>)\n * [K10144744: Overview of NGINX App Protect administration](<https://support.f5.com/csp/article/K10144744>)\n\n**Important**: The AWS Container Marketplace and the F5 Docker registry (**docker-registry.nginx.com**) provide NGINX container images that may also include vulnerable versions of NGINX App Protect. For example, if you are using the **NGINX Ingress Controller with NGINX App Protect** image from the AWS Container Marketplace, you may be using a vulnerable version of NGINX App Protect. To determine the version of your NGINX products, refer to [K72015934: Display the NGINX software version](<https://support.f5.com/csp/article/K72015934>).\n", "cvss3": {}, "published": "2021-08-24T12:48:00", "type": "f5", "title": "Web application firewall vulnerability CVE-2021-23050", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2021-23050"], "modified": "2021-09-09T20:15:00", "id": "F5:K44553214", "href": "https://support.f5.com/csp/article/K44553214", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-04-19T03:31:04", "description": "When a BIG-IP DNS system is configured with non-default Wide IP and pool settings, undisclosed DNS responses can cause the Traffic Management Microkernel (TMM) to terminate. ([CVE-2021-23032](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23032>))\n\nImpact\n\nTraffic is disrupted while the TMM process restarts. This vulnerability allows a remote attacker to cause a denial-of-service (DoS) on the BIG-IP system. There is no control plane exposure, this is a data plane issue only.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-24T12:46:00", "type": "f5", "title": "BIG-IP DNS vulnerability CVE-2021-23032", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23032"], "modified": "2022-04-19T02:54:00", "id": "F5:K45407662", "href": "https://support.f5.com/csp/article/K45407662", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-02-10T00:00:00", "description": "An authenticated remote command execution vulnerability exists in the BIG-IP Configuration utility. ([CVE-2021-23025](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23025>))\n\nImpact\n\nThis vulnerability may allow an authenticated attacker with network access to the Configuration utility through the BIG-IP management port and/or self IP addresses to execute arbitrary system commands, create or delete files, or disable services. There is no data plane exposure; this is a control plane issue only.\n\nThis vulnerability may result in complete system compromise.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-08-24T13:44:00", "type": "f5", "title": "BIG-IP TMUI vulnerability CVE-2021-23025", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23025"], "modified": "2021-12-01T05:50:00", "id": "F5:K55543151", "href": "https://support.f5.com/csp/article/K55543151", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-09-08T18:08:55", "description": "When a WebSocket profile is configured on a virtual server, undisclosed requests can cause bd to terminate. ([CVE-2021-23030](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23030>))\n\nImpact\n\nTraffic is disrupted while the **bd** process restarts. This vulnerability allows a remote attacker to cause a denial-of-service (DoS) on the BIG-IP system. There is no control plane exposure; this is a data plane issue only.\n", "cvss3": {}, "published": "2021-08-24T13:02:00", "type": "f5", "title": "BIG-IP Advanced WAF and ASM WebSocket vulnerability CVE-2021-23030", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2021-23030"], "modified": "2021-09-08T17:26:00", "id": "F5:K42051445", "href": "https://support.f5.com/csp/article/K42051445", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-09-08T18:08:55", "description": "An authenticated user may perform a privilege escalation on the BIG-IP Advanced WAF and ASM Configuration utility. ([CVE-2021-23031](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23031>))\n\nImpact\n\nWhen this vulnerability is exploited, an authenticated attacker with access to the Configuration utility can execute arbitrary system commands, create or delete files, and/or disable services. This vulnerability may result in complete system compromise.\n", "cvss3": {}, "published": "2021-08-12T21:29:00", "type": "f5", "title": "BIG-IP Advanced WAF and BIG-IP ASM vulnerability CVE-2021-23031", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2021-23031"], "modified": "2021-09-08T17:35:00", "id": "F5:K41351250", "href": "https://support.f5.com/csp/article/K41351250", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-02-10T00:00:00", "description": "Insufficient permission checks may allow authenticated users with guest privileges to perform Server-Side Request Forgery (SSRF) attacks through F5 Advanced Web Application Firewall (WAF) and the BIG-IP ASM Configuration utility. ([CVE-2021-23029](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-23029>))\n\nImpact\n\nAn attacker with network access to the management interface and authenticated with guest privileges may be able to perform an SSRF attack.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-08-24T12:50:00", "type": "f5", "title": "Advanced WAF and BIG-IP ASM TMUI vulnerability CVE-2021-23029", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23029"], "modified": "2021-09-23T20:32:00", "id": "F5:K52420610", "href": "https://support.f5.com/csp/article/K52420610", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-09-01T12:57:43", "description": "A DOM based cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user. ([CVE-2021-23027](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23027>))\n\nImpact\n\nAn attacker may exploit this vulnerability by causing an authenticated user to submit malicious HTML or JavaScript code in the BIG-IP Configuration utility. If successful, an attacker can run JavaScript in the context of the currently logged-in user. In the case of an administrative user with access to the Advanced Shell (**bash**), an attacker can leverage successful exploitation of this vulnerability to compromise the BIG-IP system.\n", "cvss3": {}, "published": "2021-08-24T12:49:00", "type": "f5", "title": "TMUI XSS vulnerability CVE-2021-23027", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2021-23027"], "modified": "2021-08-24T12:49:00", "id": "F5:K24301698", "href": "https://support.f5.com/csp/article/K24301698", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-11-28T15:30:30", "description": "When JSON content profiles are configured for URLs as part of an F5 Advanced Web Application Firewall (WAF)/BIG-IP ASM security policy and applied to a virtual server, undisclosed requests may cause the BIG-IP ASM bd process to terminate. ([CVE-2021-23028](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-23028>))\n\nImpact\n\nTraffic is disrupted while the BIG-IP ASM **bd** process restarts. This vulnerability allows a remote attacker to cause a denial-of-service (DoS) on the BIG-IP system. There is no control plane exposure; this is a data plane issue only.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-24T13:05:00", "type": "f5", "title": "Advanced WAF and BIG-IP ASM vulnerability CVE-2021-23028", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23028"], "modified": "2022-07-27T20:19:00", "id": "F5:K00602225", "href": "https://support.f5.com/csp/article/K00602225", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-04-19T03:30:59", "description": "A directory traversal vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to access arbitrary files. ([CVE-2021-23043](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23043>))\n\nImpact\n\nAn authenticated attacker may exploit this vulnerability by sending a crafted request to the BIG-IP Configuration utility. If the exploit is successful, an attacker can access arbitrary files in the web root.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-24T12:52:00", "type": "f5", "title": "BIG-IP TMUI vulnerability CVE-2021-23043", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23043"], "modified": "2022-04-19T03:16:00", "id": "F5:K63163637", "href": "https://support.f5.com/csp/article/K63163637", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2021-09-23T20:09:19", "description": "BIG-IP and BIG-IQ are vulnerable to cross-site request forgery (CSRF) attacks through iControl SOAP. ([CVE-2021-23026](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23026>))\n\nImpact\n\nAn attacker may trick authenticated users into performing critical actions. This vulnerability can only be exploited through the control plane and cannot be exploited through the data plane. Exploitation can lead to complete system compromise.\n", "cvss3": {}, "published": "2021-08-24T12:59:00", "type": "f5", "title": "iControl SOAP vulnerability CVE-2021-23026", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2021-23026"], "modified": "2021-09-23T20:06:00", "id": "F5:K53854428", "href": "https://support.f5.com/csp/article/K53854428", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-09-01T12:57:42", "description": "When a configuration that contains secure properties is created and deployed from Access Guided Configuration (AGC), secure properties are logged in restnoded logs. ([CVE-2021-23046](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23046>))\n\nImpact\n\nUsers with access to **restnoded **logs may gain access to sensitive information from the security properties of F5 Access Guided Configuration.\n\nFor more information about Guided Configuration, refer to [K52653125: Overview of Guided Configuration](<https://support.f5.com/csp/article/K52653125>).\n", "cvss3": {}, "published": "2021-08-24T13:27:00", "type": "f5", "title": "F5 Access Guided Configuration logging vulnerability CVE-2021-23046", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2021-23046"], "modified": "2021-08-24T13:29:00", "id": "F5:K70652532", "href": "https://support.f5.com/csp/article/K70652532", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-09-08T18:08:55", "description": "When a WebSocket profile is configured on a virtual server, undisclosed requests can cause bd to terminate. ([CVE-2021-23033](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23033>))\n\nImpact\n\nTraffic is disrupted while the **bd** process restarts. This vulnerability allows a remote attacker to cause a denial-of-service (DoS) on the BIG-IP system. There is no control plane exposure; this is a data plane issue only.\n", "cvss3": {}, "published": "2021-08-24T12:49:00", "type": "f5", "title": "BIG-IP Advanced WAF and ASM WebSocket vulnerability CVE-2021-23033", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2021-23033"], "modified": "2021-09-08T17:28:00", "id": "F5:K05314769", "href": "https://support.f5.com/csp/article/K05314769", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-09-01T12:57:43", "description": "When an HTTP profile is configured on a virtual server, after a specific sequence of packets, chunked responses can cause the Traffic Management Microkernel (TMM) to terminate. ([CVE-2021-23035](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23035>))\n\nImpact\n\nTraffic is disrupted while the TMM process restarts. This vulnerability allows a remote attacker to cause a denial-of-service (DoS) on the BIG-IP system. There is no control plane exposure; this is a data plane issue only.\n", "cvss3": {}, "published": "2021-08-24T12:42:00", "type": "f5", "title": "TMM vulnerability CVE-2021-23035", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2021-23035"], "modified": "2021-08-24T12:42:00", "id": "F5:K70415522", "href": "https://support.f5.com/csp/article/K70415522", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-09-01T12:57:42", "description": "When a DNS profile using a DNS cache resolver is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) process to terminate. ([CVE-2021-23034](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23034>))\n\nImpact\n\nTraffic is disrupted while the TMM process restarts. This vulnerability allows a remote attacker to cause a denial-of-service (DoS) on the BIG-IP system. There is no control plane exposure; this is a data plane issue only.\n", "cvss3": {}, "published": "2021-08-24T13:50:00", "type": "f5", "title": "BIG-IP TMM vulnerability CVE-2021-23034", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2021-23034"], "modified": "2021-08-24T13:50:00", "id": "F5:K30523121", "href": "https://support.f5.com/csp/article/K30523121", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-09-01T12:57:42", "description": "When an HTTP profile is configured on a virtual server, undisclosed requests can cause a significant increase in system resource utilization. ([CVE-2021-23042](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23042>))\n\nImpact\n\nSystem performance degradation can occur until the process is either forced to restart or manually restarted. This vulnerability allows a remote attacker to cause a degradation of service that can lead to a denial-of-service (DoS) on the BIG-IP system.\n", "cvss3": {}, "published": "2021-08-24T13:21:00", "type": "f5", "title": "BIG-IP HTTP vulnerability CVE-2021-23042", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2021-23042"], "modified": "2021-08-24T13:21:00", "id": "F5:K93231374", "href": "https://support.f5.com/csp/article/K93231374", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-09-01T12:57:43", "description": "A DOM based cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to execute JavaScript in the context of the current logged-in user. ([CVE-2021-23041](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23041>))\n\nImpact\n\nAn attacker may exploit this vulnerability by convincing an authenticated user to submit malicious HTML or JavaScript code in the BIG-IP Configuration utility. If successful, an attacker can run JavaScript in the context of the currently logged-in user. In the case of an administrative user with access to the Advanced Shell (**bash**), an attacker can leverage successful exploitation of this vulnerability to compromise the BIG-IP system.\n", "cvss3": {}, "published": "2021-08-24T12:49:00", "type": "f5", "title": "BIG-IP TMUI vulnerability CVE-2021-23041", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2021-23041"], "modified": "2021-08-24T12:49:00", "id": "F5:K42526507", "href": "https://support.f5.com/csp/article/K42526507", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-09-01T12:57:42", "description": "A stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user. ([CVE-2021-23038](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23038>))\n\nImpact\n\nAn authenticated attacker may exploit this vulnerability by storing malicious HTML or JavaScript code in the BIG-IP Configuration utility. If successful, an attacker can run JavaScript in the context of the currently logged-in user. In the case of an administrative user with access to the Advanced Shell (**bash**), an attacker can leverage successful exploitation of this vulnerability to compromise the BIG-IP system.\n", "cvss3": {}, "published": "2021-08-24T13:47:00", "type": "f5", "title": "BIG-IP TMUI XSS vulnerability CVE-2021-23038", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2021-23038"], "modified": "2021-08-24T13:47:00", "id": "F5:K61643620", "href": "https://support.f5.com/csp/article/K61643620", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-09-01T12:57:43", "description": "A SQL injection vulnerability exists in an undisclosed page of the BIG-IP Configuration utility. This issue is exposed only when BIG-IP AFM is provisioned. ([CVE-2021-23040](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23040>))\n\nImpact\n\nAn authenticated attacker can exploit this vulnerability to execute malicious SQL statements through the BIG-IP Configuration utility.\n", "cvss3": {}, "published": "2021-08-24T13:10:00", "type": "f5", "title": "BIG-IP AFM vulnerability CVE-2021-23040", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2021-23040"], "modified": "2021-08-24T13:10:00", "id": "F5:K94255403", "href": "https://support.f5.com/csp/article/K94255403", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-04-19T03:31:09", "description": "When IPSec is configured on a BIG-IP system, undisclosed requests from an authorized remote (IPSec) peer, which already has a negotiated Security Association, can cause the Traffic Management Microkernel (TMM) to terminate. ([CVE-2021-23039](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23039>))\n\nImpact\n\nTraffic is disrupted while the TMM process restarts. This vulnerability allows an authorized remote (IPSec) peer, which already has a negotiated Security Association, to cause a denial-of-service (DoS) on the BIG-IP system. There is no control plane exposure; this is a data plane issue only.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-24T13:44:00", "type": "f5", "title": "TMM vulnerability CVE-2021-23039", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23039"], "modified": "2022-04-19T02:47:00", "id": "F5:K66782293", "href": "https://support.f5.com/csp/article/K66782293", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-09-01T12:57:43", "description": "When a BIG-IP ASM and DataSafe profile are configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. ([CVE-2021-23036](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23036>))\n\nImpact\n\nTraffic is disrupted while the TMM process restarts. This vulnerability allows a remote attacker to cause a denial-of-service (DoS) on the BIG-IP system. There is no control plane exposure, this is a data plane issue only.\n", "cvss3": {}, "published": "2021-08-24T12:47:00", "type": "f5", "title": "TMM vulnerability CVE-2021-23036", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2021-23036"], "modified": "2021-08-24T12:47:00", "id": "F5:K05043394", "href": "https://support.f5.com/csp/article/K05043394", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-04-19T03:31:14", "description": "A reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user. ([CVE-2021-23037](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-23037>))\n\nImpact\n\nAn attacker may exploit this vulnerability by causing an authenticated user to send a crafted URL that is then reflected back and executed by the user&#x27;s web browser. If successful, an attacker can run JavaScript in the context of the currently logged-in user. In the case of an administrative user with access to the Advanced Shell (**bash**), an attacker can leverage successful exploitation of this vulnerability to compromise the BIG-IP system.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2021-08-24T12:34:00", "type": "f5", "title": "TMUI XSS vulnerability CVE-2021-23037", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23037"], "modified": "2022-04-19T02:32:00", "id": "F5:K21435974", "href": "https://support.f5.com/csp/article/K21435974", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-04-06T22:39:29", "description": "\nF5 Product Development has assigned ID 846157 (BIG-IP) to this vulnerability.\n\nTo determine if your product and version have been evaluated for this vulnerability, refer to the **Applies to (see versions)** box. To determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases, point releases, or hotfixes that address the vulnerability, refer to the following table. For more information about security advisory versioning, refer to [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>).\n\nProduct | Branch | Versions known to be vulnerable | Fixes introduced in | Severity | CVSSv3 score1 | Vulnerable component or feature \n---|---|---|---|---|---|--- \nBIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, FPS, GTM, Link Controller, PEM) | 15.x | 15.0.0 - 15.1.0 | 15.1.0.2 \n15.0.1.2 | Low | [3.7](<https://first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L>) | TMM on AWS \n14.x | 14.1.0 - 14.1.2 | 14.1.2.3 \n13.x | None | Not applicable \n12.x | None | Not applicable \n11.x | None | Not applicable \nBIG-IQ Centralized Management | 7.x | None | Not applicable | Not vulnerable | None | None \n6.x | None | Not applicable \n5.x | None | Not applicable \nTraffix SDC | 5.x | None | Not applicable | Not vulnerable | None | None \n \n1The CVSSv3 score link takes you to a resource outside of AskF5, and it is possible that the document may be removed without our knowledge.\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Fixes introduced in** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nMitigation\n\nNone\n\n * [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>)\n * [K41942608: Overview of Security Advisory articles](<https://support.f5.com/csp/article/K41942608>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K9502: BIG-IP hotfix and point release matrix](<https://support.f5.com/csp/article/K9502>)\n * [K13123: Managing BIG-IP product hotfixes (11.x - 15.x)](<https://support.f5.com/csp/article/K13123>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-03-27T03:37:00", "type": "f5", "title": "BIG-IP AWS vulnerability CVE-2020-5862 ", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-5862", "CVE-2020-5862"], "modified": "2020-03-27T03:37:00", "id": "F5:K01054113", "href": "https://support.f5.com/csp/article/K01054113", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "cve": [{"lastseen": "2022-03-23T14:28:25", "description": "On BIG-IP versions 15.1.0.4 through 15.1.3, when the Data Plane Development Kit (DPDK)/Elastic Network Adapter (ENA) driver is used with BIG-IP on Amazon Web Services (AWS) systems, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. This is due to an incomplete fix for CVE-2020-5862. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-09-14T13:15:00", "type": "cve", "title": "CVE-2021-23051", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-5862", "CVE-2021-23051"], "modified": "2021-09-27T17:21:00", "cpe": [], "id": "CVE-2021-23051", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23051", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": []}, {"lastseen": "2022-03-23T14:28:18", "description": "On version 16.x before 16.1.0, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.3, and all versions of 13.1.x, 12.1.x and 11.6.x, when BIG-IP APM performs Online Certificate Status Protocol (OCSP) verification of a certificate that contains Authority Information Access (AIA), undisclosed requests may cause an increase in memory use. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2021-09-14T14:15:00", "type": "cve", "title": "CVE-2021-23047", "cwe": ["CWE-400"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23047"], "modified": "2021-09-27T16:36:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager:16.0.1", "cpe:/a:f5:big-ip_access_policy_manager:11.6.5", "cpe:/a:f5:big-ip_access_policy_manager:12.1.6"], "id": "CVE-2021-23047", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23047", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:16.0.1:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T14:28:13", "description": "On BIG-IP version 16.x before 16.1.0, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.2, 13.1.x before 13.1.4.1, and all versions of 12.1.x and 11.6.x, when the Intel QuickAssist Technology (QAT) compression driver is used on affected BIG-IP hardware and BIG-IP Virtual Edition (VE) platforms, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-09-14T16:15:00", "type": "cve", "title": "CVE-2021-23044", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23044"], "modified": "2021-09-27T13:33:00", "cpe": ["cpe:/a:f5:big-ip_fraud_protection_service:12.1.6", "cpe:/a:f5:big-ip_analytics:12.1.6", "cpe:/a:f5:big-ip_analytics:11.6.5", "cpe:/a:f5:big-ip_advanced_firewall_manager:13.1.4.1", "cpe:/a:f5:big-ip_access_policy_manager:11.6.5", "cpe:/a:f5:big-ip_application_security_manager:12.1.6", "cpe:/a:f5:big-ip_link_controller:12.1.6", "cpe:/a:f5:big-ip_application_acceleration_manager:11.6.5", "cpe:/a:f5:big-ip_access_policy_manager:12.1.6", "cpe:/a:f5:big-ip_fraud_protection_service:11.6.5", "cpe:/a:f5:big-ip_domain_name_system:12.1.6", "cpe:/a:f5:big-ip_application_security_manager:11.6.5", "cpe:/a:f5:big-ip_local_traffic_manager:11.6.5", "cpe:/a:f5:big-ip_application_acceleration_manager:12.1.6", "cpe:/a:f5:big-ip_advanced_firewall_manager:12.1.6", "cpe:/a:f5:big-ip_link_controller:11.6.5", "cpe:/a:f5:big-ip_policy_enforcement_manager:12.1.6", "cpe:/a:f5:big-ip_global_traffic_manager:12.1.6", "cpe:/a:f5:big-ip_advanced_firewall_manager:11.6.5", "cpe:/a:f5:big-ip_global_traffic_manager:11.6.5", "cpe:/a:f5:big-ip_local_traffic_manager:12.1.6", "cpe:/a:f5:big-ip_domain_name_system:11.6.5", "cpe:/a:f5:big-ip_policy_enforcement_manager:11.6.5"], "id": "CVE-2021-23044", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23044", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.1.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.6:*:*:*:*:*:*:*"]}, {"lastseen": "2022-08-30T18:58:23", "description": "On version 15.1.x before 15.1.3, 14.1.x before 14.1.3.1, and 13.1.x before 13.1.3.6, when the brute force protection feature of BIG-IP Advanced WAF or BIG-IP ASM is enabled on a virtual server and the virtual server is under brute force attack, the MySQL database may run out of disk space due to lack of row limit on undisclosed tables in the MYSQL database. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2021-09-14T13:15:00", "type": "cve", "title": "CVE-2021-23053", "cwe": ["CWE-770"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23053"], "modified": "2022-08-30T16:13:00", "cpe": [], "id": "CVE-2021-23053", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23053", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": []}, {"lastseen": "2022-03-23T14:28:18", "description": "On BIG-IP version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.3, 13.1.x before 13.1.4.1, and all versions of 12.1.x and 11.6.x, when GPRS Tunneling Protocol (GTP) iRules commands or a GTP profile is configured on a virtual server, undisclosed GTP messages can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-09-14T13:15:00", "type": "cve", "title": "CVE-2021-23048", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23048"], "modified": "2021-09-24T14:38:00", "cpe": ["cpe:/a:f5:big-ip_fraud_protection_service:12.1.6", "cpe:/a:f5:big-ip_analytics:12.1.6", "cpe:/a:f5:big-ip_analytics:11.6.5", "cpe:/a:f5:big-ip_access_policy_manager:11.6.5", "cpe:/a:f5:big-ip_application_security_manager:12.1.6", "cpe:/a:f5:big-ip_link_controller:12.1.6", "cpe:/a:f5:big-ip_advanced_web_application_firewall:11.6.5", "cpe:/a:f5:big-ip_application_acceleration_manager:11.6.5", "cpe:/a:f5:big-ip_access_policy_manager:12.1.6", "cpe:/a:f5:big-ip_fraud_protection_service:11.6.5", "cpe:/a:f5:big-ip_domain_name_system:12.1.6", "cpe:/a:f5:big-ip_application_security_manager:11.6.5", "cpe:/a:f5:big-ip_local_traffic_manager:11.6.5", "cpe:/a:f5:big-ip_application_acceleration_manager:12.1.6", "cpe:/a:f5:big-ip_advanced_firewall_manager:12.1.6", "cpe:/a:f5:big-ip_link_controller:11.6.5", "cpe:/a:f5:big-ip_global_traffic_manager:12.1.6", "cpe:/a:f5:big-ip_advanced_web_application_firewall:12.1.6", "cpe:/a:f5:big-ip_advanced_firewall_manager:11.6.5", "cpe:/a:f5:big-ip_global_traffic_manager:11.6.5", "cpe:/a:f5:big-ip_local_traffic_manager:12.1.6", "cpe:/a:f5:big-ip_domain_name_system:11.6.5"], "id": "CVE-2021-23048", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23048", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.6:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T14:28:15", "description": "On BIG-IP version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.3, 13.1.x before 13.1.4.1, and all versions of 12.1.x, when an SCTP profile with multiple paths is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-09-14T17:15:00", "type": "cve", "title": "CVE-2021-23045", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23045"], "modified": "2021-09-27T12:39:00", "cpe": ["cpe:/a:f5:big-ip_fraud_protection_service:12.1.6", "cpe:/a:f5:big-ip_analytics:12.1.6", "cpe:/a:f5:big-ip_application_acceleration_manager:12.1.6", "cpe:/a:f5:big-ip_domain_name_system:12.1.6", "cpe:/a:f5:big-ip_advanced_firewall_manager:12.1.6", "cpe:/a:f5:big-ip_ssl_orchestrator:12.1.6", "cpe:/a:f5:big-ip_application_security_manager:12.1.6", "cpe:/a:f5:big-ip_link_controller:12.1.6", "cpe:/a:f5:big-ip_policy_enforcement_manager:12.1.6", "cpe:/a:f5:big-ip_ddos_hybrid_defender:12.1.6", "cpe:/a:f5:big-ip_local_traffic_manager:12.1.6", "cpe:/a:f5:big-ip_global_traffic_manager:12.1.6", "cpe:/a:f5:big-ip_advanced_web_application_firewall:12.1.6", "cpe:/a:f5:big-ip_access_policy_manager:12.1.6"], "id": "CVE-2021-23045", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23045", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_ssl_orchestrator:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.6:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T14:28:21", "description": "On BIG-IP version 16.0.x before 16.0.1.2 and 15.1.x before 15.1.3, when the iRules RESOLVER::summarize command is used on a virtual server, undisclosed requests can cause an increase in Traffic Management Microkernel (TMM) memory utilization resulting in an out-of-memory condition and a denial-of-service (DoS). Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-09-14T13:15:00", "type": "cve", "title": "CVE-2021-23049", "cwe": ["CWE-400"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23049"], "modified": "2021-09-24T15:02:00", "cpe": [], "id": "CVE-2021-23049", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23049", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": []}, {"lastseen": "2022-03-23T14:28:27", "description": "On version 14.1.x before 14.1.4.4 and all versions of 13.1.x, an open redirect vulnerability exists on virtual servers enabled with a BIG-IP APM access policy. This vulnerability allows an unauthenticated malicious user to build an open redirect URI. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2021-09-14T13:15:00", "type": "cve", "title": "CVE-2021-23052", "cwe": ["CWE-601"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23052"], "modified": "2021-09-27T16:12:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager:13.1.4"], "id": "CVE-2021-23052", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23052", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}, "cpe23": ["cpe:2.3:a:f5:big-ip_access_policy_manager:13.1.4:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T14:28:23", "description": "On BIG-IP Advanced WAF and BIG-IP ASM version 16.0.x before 16.0.1.2 and 15.1.x before 15.1.3 and NGINX App Protect on all versions before 3.5.0, when a cross-site request forgery (CSRF)-enabled policy is configured on a virtual server, an undisclosed HTML response may cause the bd process to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-09-14T13:15:00", "type": "cve", "title": "CVE-2021-23050", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23050"], "modified": "2021-09-27T16:59:00", "cpe": ["cpe:/a:f5:nginx_app_protect:1.3.0", "cpe:/a:f5:nginx_app_protect:2.3.0"], "id": "CVE-2021-23050", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23050", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:f5:nginx_app_protect:2.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:nginx_app_protect:1.3.0:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T14:27:52", "description": "On version 16.x before 16.1.0, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.4, and all versions of 13.1.x and 12.1.x, when a BIG-IP DNS system is configured with non-default Wide IP and pool settings, undisclosed DNS responses can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-09-14T18:15:00", "type": "cve", "title": "CVE-2021-23032", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23032"], "modified": "2021-09-27T12:49:00", "cpe": ["cpe:/a:f5:big-ip_domain_name_system:13.1.4", "cpe:/a:f5:big-ip_domain_name_system:12.1.6"], "id": "CVE-2021-23032", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23032", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:f5:big-ip_domain_name_system:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.6:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T14:27:38", "description": "On version 15.1.x before 15.1.0.5, 14.1.x before 14.1.3.1, 13.1.x before 13.1.3.5, and all versions of 12.1.x and 11.6.x, an authenticated remote command execution vulnerability exists in the BIG-IP Configuration utility. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-14T21:15:00", "type": "cve", "title": "CVE-2021-23025", "cwe": ["CWE-78"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23025"], "modified": "2021-11-30T21:56:00", "cpe": ["cpe:/a:f5:big-ip_fraud_protection_service:12.1.6", "cpe:/a:f5:big-ip_analytics:12.1.6", "cpe:/a:f5:big-ip_analytics:11.6.5", "cpe:/a:f5:big-ip_access_policy_manager:11.6.5", "cpe:/a:f5:big-ip_ssl_orchestrator:12.1.6", "cpe:/a:f5:big-ip_application_security_manager:12.1.6", "cpe:/a:f5:big-ip_link_controller:12.1.6", "cpe:/a:f5:big-ip_advanced_web_application_firewall:11.6.5", "cpe:/a:f5:big-ip_application_acceleration_manager:11.6.5", "cpe:/a:f5:big-ip_access_policy_manager:12.1.6", "cpe:/a:f5:big-ip_fraud_protection_service:11.6.5", "cpe:/a:f5:big-ip_domain_name_system:12.1.6", "cpe:/a:f5:big-ip_ssl_orchestrator:11.6.5", "cpe:/a:f5:big-ip_policy_enforcement_manager:11.6.5", "cpe:/a:f5:big-ip_application_security_manager:11.6.5", "cpe:/a:f5:big-ip_local_traffic_manager:11.6.5", "cpe:/a:f5:big-ip_application_acceleration_manager:12.1.6", "cpe:/a:f5:big-ip_advanced_firewall_manager:12.1.6", "cpe:/a:f5:big-ip_link_controller:11.6.5", "cpe:/a:f5:big-ip_policy_enforcement_manager:12.1.6", "cpe:/a:f5:big-ip_ddos_hybrid_defender:11.6.5", "cpe:/a:f5:big-ip_global_traffic_manager:12.1.6", "cpe:/a:f5:big-ip_advanced_web_application_firewall:12.1.6", "cpe:/a:f5:big-ip_advanced_firewall_manager:11.6.5", "cpe:/a:f5:big-ip_global_traffic_manager:11.6.5", "cpe:/a:f5:big-ip_ddos_hybrid_defender:12.1.6", "cpe:/a:f5:big-ip_domain_name_system:11.6.5", "cpe:/a:f5:big-ip_local_traffic_manager:12.1.6"], "id": "CVE-2021-23025", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23025", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_ssl_orchestrator:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_ssl_orchestrator:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.6:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T14:27:42", "description": "On version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3.1, and 14.1.x before 14.1.4.3, a DOM based cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2021-09-14T22:15:00", "type": "cve", "title": "CVE-2021-23027", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23027"], "modified": "2021-09-28T18:51:00", "cpe": ["cpe:/a:f5:big-ip_advanced_firewall_manager:15.1.3", "cpe:/a:f5:big-ip_application_acceleration_manager:16.0.1.1", "cpe:/a:f5:big-ip_ddos_hybrid_defender:16.0.1.1", "cpe:/a:f5:big-ip_application_security_manager:15.1.3", "cpe:/a:f5:big-ip_fraud_protection_service:14.1.4", "cpe:/a:f5:big-ip_policy_enforcement_manager:16.0.1.1", "cpe:/a:f5:big-ip_ssl_orchestrator:14.1.4", "cpe:/a:f5:big-ip_application_acceleration_manager:14.1.4", "cpe:/a:f5:big-ip_ddos_hybrid_defender:14.1.4", "cpe:/a:f5:big-ip_domain_name_system:14.1.4", "cpe:/a:f5:big-ip_application_security_manager:14.1.4", "cpe:/a:f5:big-ip_policy_enforcement_manager:15.1.3", "cpe:/a:f5:big-ip_application_acceleration_manager:15.1.3", "cpe:/a:f5:big-ip_advanced_firewall_manager:14.1.4", "cpe:/a:f5:big-ip_ssl_orchestrator:16.0.1.1", "cpe:/a:f5:big-ip_global_traffic_manager:16.0.1.1", "cpe:/a:f5:big-ip_advanced_web_application_firewall:14.1.4", "cpe:/a:f5:big-ip_link_controller:14.1.4", "cpe:/a:f5:big-ip_link_controller:15.1.3", "cpe:/a:f5:big-ip_advanced_firewall_manager:16.0.1.1", "cpe:/a:f5:big-ip_local_traffic_manager:16.0.1.1", "cpe:/a:f5:big-ip_access_policy_manager:16.0.1.1", "cpe:/a:f5:big-ip_policy_enforcement_manager:14.1.4", "cpe:/a:f5:big-ip_analytics:15.1.3", "cpe:/a:f5:big-ip_global_traffic_manager:14.1.4", "cpe:/a:f5:big-ip_ddos_hybrid_defender:15.1.3", "cpe:/a:f5:big-ip_application_security_manager:16.0.1.1", "cpe:/a:f5:big-ip_link_controller:16.0.1.1", "cpe:/a:f5:big-ip_local_traffic_manager:15.1.3", "cpe:/a:f5:big-ip_ssl_orchestrator:15.1.3", "cpe:/a:f5:big-ip_analytics:14.1.4", "cpe:/a:f5:big-ip_access_policy_manager:15.1.3", "cpe:/a:f5:big-ip_advanced_web_application_firewall:15.1.3", "cpe:/a:f5:big-ip_fraud_protection_service:15.1.3", "cpe:/a:f5:big-ip_domain_name_system:16.0.1.1", "cpe:/a:f5:big-ip_global_traffic_manager:15.1.3", "cpe:/a:f5:big-ip_fraud_protection_service:16.0.1.1", "cpe:/a:f5:big-ip_advanced_web_application_firewall:16.0.1.1", "cpe:/a:f5:big-ip_access_policy_manager:14.1.4", "cpe:/a:f5:big-ip_analytics:16.0.1.1", "cpe:/a:f5:big-ip_domain_name_system:15.1.3", "cpe:/a:f5:big-ip_local_traffic_manager:14.1.4"], "id": "CVE-2021-23027", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23027", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_ssl_orchestrator:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_ssl_orchestrator:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_ssl_orchestrator:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:16.0.1.1:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T14:27:49", "description": "On BIG-IP Advanced WAF and BIG-IP ASM version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.3, 13.1.x before 13.1.4.1, and all versions of 12.1.x, when a WebSocket profile is configured on a virtual server, undisclosed requests can cause bd to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-09-14T21:15:00", "type": "cve", "title": "CVE-2021-23030", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23030"], "modified": "2021-09-29T19:10:00", "cpe": ["cpe:/a:f5:big-ip_advanced_web_application_firewall:14.1.4", "cpe:/a:f5:big-ip_advanced_web_application_firewall:15.1.3", "cpe:/a:f5:big-ip_application_security_manager:12.1.6", "cpe:/a:f5:big-ip_application_security_manager:13.1.4", "cpe:/a:f5:big-ip_application_security_manager:14.1.4", "cpe:/a:f5:big-ip_application_security_manager:15.1.3", "cpe:/a:f5:big-ip_advanced_web_application_firewall:16.0.1.1", "cpe:/a:f5:big-ip_advanced_web_application_firewall:12.1.6", "cpe:/a:f5:big-ip_application_security_manager:16.0.1.1", "cpe:/a:f5:big-ip_advanced_web_application_firewall:13.1.4"], "id": "CVE-2021-23030", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23030", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:13.1.4:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T14:27:53", "description": "On version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.4.1, 13.1.x before 13.1.4, 12.1.x before 12.1.6, and 11.6.x before 11.6.5.3, an authenticated user may perform a privilege escalation on the BIG-IP Advanced WAF and ASM Configuration utility. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.", "cvss3": {"exploitabilityScore": 3.1, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 9.9, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-09-14T19:15:00", "type": "cve", "title": "CVE-2021-23031", "cwe": ["CWE-78"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23031"], "modified": "2021-09-30T14:42:00", "cpe": ["cpe:/a:f5:big-ip_advanced_web_application_firewall:14.1.4", "cpe:/a:f5:big-ip_advanced_web_application_firewall:15.1.2", "cpe:/a:f5:big-ip_application_security_manager:11.6.5.2", "cpe:/a:f5:big-ip_application_security_manager:13.1.3", "cpe:/a:f5:big-ip_advanced_web_application_firewall:11.6.5.2", "cpe:/a:f5:big-ip_advanced_web_application_firewall:12.1.5", "cpe:/a:f5:big-ip_application_security_manager:12.1.5", "cpe:/a:f5:big-ip_application_security_manager:14.1.4", "cpe:/a:f5:big-ip_advanced_web_application_firewall:16.0.1.1", "cpe:/a:f5:big-ip_application_security_manager:15.1.2", "cpe:/a:f5:big-ip_application_security_manager:16.0.1.1", "cpe:/a:f5:big-ip_advanced_web_application_firewall:13.1.3"], "id": "CVE-2021-23031", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23031", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:f5:big-ip_application_security_manager:11.6.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:13.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:13.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:11.6.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:15.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:12.1.5:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T14:27:45", "description": "On version 16.0.x before 16.0.1.2, insufficient permission checks may allow authenticated users with guest privileges to perform Server-Side Request Forgery (SSRF) attacks through F5 Advanced Web Application Firewall (WAF) and the BIG-IP ASM Configuration utility. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-14T23:15:00", "type": "cve", "title": "CVE-2021-23029", "cwe": ["CWE-918"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23029"], "modified": "2021-09-27T16:50:00", "cpe": [], "id": "CVE-2021-23029", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23029", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2022-03-23T14:27:47", "description": "On version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.2, and 13.1.x before 13.1.4, when JSON content profiles are configured for URLs as part of an F5 Advanced Web Application Firewall (WAF)/BIG-IP ASM security policy and applied to a virtual server, undisclosed requests may cause the BIG-IP ASM bd process to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-09-14T21:15:00", "type": "cve", "title": "CVE-2021-23028", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23028"], "modified": "2021-09-24T19:19:00", "cpe": ["cpe:/a:f5:big-ip_advanced_web_application_firewall:13.1.3.6", "cpe:/a:f5:big-ip_application_security_manager:16.0.1", "cpe:/a:f5:big-ip_application_security_manager:14.1.4.1", "cpe:/a:f5:big-ip_application_security_manager:13.1.3.6", "cpe:/a:f5:big-ip_advanced_web_application_firewall:16.0.1", "cpe:/a:f5:big-ip_advanced_web_application_firewall:14.1.4.1"], "id": "CVE-2021-23028", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23028", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:16.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:14.1.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:14.1.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:13.1.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:16.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:13.1.3.6:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T14:27:40", "description": "BIG-IP version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.4.2, 13.1.x before 13.1.4.1, and all versions of 12.1.x and 11.6.x and all versions of BIG-IQ 8.x, 7.x, and 6.x are vulnerable to cross-site request forgery (CSRF) attacks through iControl SOAP. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-09-14T22:15:00", "type": "cve", "title": "CVE-2021-23026", "cwe": ["CWE-352"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23026"], "modified": "2021-09-29T19:21:00", "cpe": ["cpe:/a:f5:big-ip_global_traffic_manager:13.1.4", "cpe:/a:f5:big-ip_domain_name_system:13.1.4", "cpe:/a:f5:big-ip_application_acceleration_manager:16.0.1.1", "cpe:/a:f5:big-ip_access_policy_manager:15.1.2", "cpe:/a:f5:big-ip_ddos_hybrid_defender:15.1.2", "cpe:/a:f5:big-ip_ddos_hybrid_defender:13.1.4", "cpe:/a:f5:big-ip_analytics:13.1.4", "cpe:/a:f5:big-ip_policy_enforcement_manager:13.1.4", "cpe:/a:f5:big-ip_domain_name_system:15.1.2", "cpe:/a:f5:big-ip_fraud_protection_service:14.1.4", "cpe:/a:f5:big-ip_policy_enforcement_manager:16.0.1.1", "cpe:/a:f5:big-ip_application_security_manager:13.1.4", "cpe:/a:f5:big-ip_ssl_orchestrator:14.1.4", "cpe:/a:f5:big-ip_application_acceleration_manager:14.1.4", "cpe:/a:f5:big-ip_ssl_orchestrator:15.1.2", "cpe:/a:f5:big-ip_advanced_firewall_manager:15.1.2", "cpe:/a:f5:big-ip_ddos_hybrid_defender:14.1.4", "cpe:/a:f5:big-ip_domain_name_system:14.1.4", "cpe:/a:f5:big-ip_application_security_manager:14.1.4", "cpe:/a:f5:big-ip_link_controller:15.1.2", "cpe:/a:f5:big-ip_advanced_firewall_manager:14.1.4", "cpe:/a:f5:big-ip_ssl_orchestrator:16.0.1.1", "cpe:/a:f5:big-ip_application_acceleration_manager:13.1.4", "cpe:/a:f5:big-ip_analytics:15.1.2", "cpe:/a:f5:big-ip_fraud_protection_service:15.1.2", "cpe:/a:f5:big-iq_centralized_management:6.1.0", "cpe:/a:f5:big-ip_application_security_manager:15.1.2", "cpe:/a:f5:big-ip_global_traffic_manager:16.0.1.1", "cpe:/a:f5:big-ip_advanced_web_application_firewall:14.1.4", "cpe:/a:f5:big-ip_link_controller:14.1.4", "cpe:/a:f5:big-ip_advanced_firewall_manager:16.0.1.1", "cpe:/a:f5:big-ip_local_traffic_manager:16.0.1.1", "cpe:/a:f5:big-ip_advanced_firewall_manager:13.1.4", "cpe:/a:f5:big-ip_ssl_orchestrator:13.1.4", "cpe:/a:f5:big-ip_access_policy_manager:16.0.1.1", "cpe:/a:f5:big-ip_policy_enforcement_manager:14.1.4", "cpe:/a:f5:big-iq_centralized_management:7.1.0", "cpe:/a:f5:big-ip_application_acceleration_manager:15.1.2", "cpe:/a:f5:big-ip_local_traffic_manager:13.1.4", "cpe:/a:f5:big-ip_local_traffic_manager:15.1.2", "cpe:/a:f5:big-iq_centralized_management:8.1.0", "cpe:/a:f5:big-ip_global_traffic_manager:14.1.4", "cpe:/a:f5:big-ip_policy_enforcement_manager:15.1.2", "cpe:/a:f5:big-ip_application_security_manager:16.0.1.1", "cpe:/a:f5:big-ip_advanced_web_application_firewall:13.1.4", "cpe:/a:f5:big-ip_link_controller:16.0.1.1", "cpe:/a:f5:big-ip_advanced_web_application_firewall:15.1.2", "cpe:/a:f5:big-ip_analytics:14.1.4", "cpe:/a:f5:big-ip_link_controller:13.1.4", "cpe:/a:f5:big-ip_access_policy_manager:13.1.4", "cpe:/a:f5:big-ip_domain_name_system:16.0.1.1", "cpe:/a:f5:big-ip_fraud_protection_service:13.1.4", "cpe:/a:f5:big-ip_ddos_hybrid_defender:16.0.1", "cpe:/a:f5:big-ip_fraud_protection_service:16.0.1.1", "cpe:/a:f5:big-ip_global_traffic_manager:15.1.2", "cpe:/a:f5:big-ip_advanced_web_application_firewall:16.0.1.1", "cpe:/a:f5:big-ip_access_policy_manager:14.1.4", "cpe:/a:f5:big-ip_analytics:16.0.1.1", "cpe:/a:f5:big-ip_local_traffic_manager:14.1.4"], "id": "CVE-2021-23026", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23026", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:15.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_ssl_orchestrator:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:15.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_ssl_orchestrator:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:15.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-iq_centralized_management:7.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:15.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_ssl_orchestrator:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:16.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_ssl_orchestrator:15.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-iq_centralized_management:6.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:15.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-iq_centralized_management:8.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:15.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:15.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:16.0.1.1:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T14:28:11", "description": "On BIG-IP, on all versions of 16.1.x, 16.0.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x, a directory traversal vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to access arbitrary files. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-09-14T15:15:00", "type": "cve", "title": "CVE-2021-23043", "cwe": ["CWE-22"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23043"], "modified": "2021-09-24T17:52:00", "cpe": ["cpe:/a:f5:big-ip_fraud_protection_service:12.1.6", "cpe:/a:f5:big-ip_analytics:12.1.6", "cpe:/a:f5:big-ip_global_traffic_manager:13.1.4", "cpe:/a:f5:big-ip_domain_name_system:13.1.4", "cpe:/a:f5:big-ip_analytics:11.6.5", "cpe:/a:f5:big-ip_advanced_firewall_manager:15.1.3", "cpe:/a:f5:big-ip_access_policy_manager:11.6.5", "cpe:/a:f5:big-ip_application_security_manager:12.1.6", "cpe:/a:f5:big-ip_link_controller:12.1.6", "cpe:/a:f5:big-ip_policy_enforcement_manager:13.1.4", "cpe:/a:f5:big-ip_analytics:13.1.4", "cpe:/a:f5:big-ip_application_security_manager:15.1.3", "cpe:/a:f5:big-ip_fraud_protection_service:14.1.4", "cpe:/a:f5:big-ip_application_acceleration_manager:11.6.5", "cpe:/a:f5:big-ip_access_policy_manager:12.1.6", "cpe:/a:f5:big-ip_application_security_manager:13.1.4", "cpe:/a:f5:big-ip_application_acceleration_manager:14.1.4", "cpe:/a:f5:big-ip_fraud_protection_service:11.6.5", "cpe:/a:f5:big-ip_domain_name_system:12.1.6", "cpe:/a:f5:big-ip_advanced_firewall_manager:16.1.0", "cpe:/a:f5:big-ip_domain_name_system:14.1.4", "cpe:/a:f5:big-ip_policy_enforcement_manager:16.1.0", "cpe:/a:f5:big-ip_application_security_manager:14.1.4", "cpe:/a:f5:big-ip_application_acceleration_manager:16.1.0", "cpe:/a:f5:big-ip_policy_enforcement_manager:15.1.3", "cpe:/a:f5:big-ip_advanced_firewall_manager:14.1.4", "cpe:/a:f5:big-ip_application_acceleration_manager:15.1.3", "cpe:/a:f5:big-ip_application_acceleration_manager:13.1.4", "cpe:/a:f5:big-ip_link_controller:16.1.0", "cpe:/a:f5:big-ip_analytics:16.1.0", "cpe:/a:f5:big-ip_application_security_manager:11.6.5", "cpe:/a:f5:big-ip_domain_name_system:16.1.0", "cpe:/a:f5:big-ip_access_policy_manager:16.1.0", "cpe:/a:f5:big-ip_link_controller:14.1.4", "cpe:/a:f5:big-ip_link_controller:15.1.3", "cpe:/a:f5:big-ip_local_traffic_manager:11.6.5", "cpe:/a:f5:big-ip_application_acceleration_manager:12.1.6", "cpe:/a:f5:big-ip_advanced_firewall_manager:13.1.4", "cpe:/a:f5:big-ip_advanced_firewall_manager:12.1.6", "cpe:/a:f5:big-ip_link_controller:11.6.5", "cpe:/a:f5:big-ip_local_traffic_manager:16.1.0", "cpe:/a:f5:big-ip_policy_enforcement_manager:14.1.4", "cpe:/a:f5:big-ip_policy_enforcement_manager:12.1.6", "cpe:/a:f5:big-ip_analytics:15.1.3", "cpe:/a:f5:big-ip_local_traffic_manager:13.1.4", "cpe:/a:f5:big-ip_global_traffic_manager:12.1.6", "cpe:/a:f5:big-ip_application_security_manager:16.1.0", "cpe:/a:f5:big-ip_global_traffic_manager:14.1.4", "cpe:/a:f5:big-ip_advanced_firewall_manager:11.6.5", "cpe:/a:f5:big-ip_local_traffic_manager:15.1.3", "cpe:/a:f5:big-ip_analytics:14.1.4", "cpe:/a:f5:big-ip_access_policy_manager:15.1.3", "cpe:/a:f5:big-ip_access_policy_manager:13.1.4", "cpe:/a:f5:big-ip_link_controller:13.1.4", "cpe:/a:f5:big-ip_fraud_protection_service:15.1.3", "cpe:/a:f5:big-ip_global_traffic_manager:16.1.0", "cpe:/a:f5:big-ip_fraud_protection_service:13.1.4", "cpe:/a:f5:big-ip_global_traffic_manager:11.6.5", "cpe:/a:f5:big-ip_global_traffic_manager:15.1.3", "cpe:/a:f5:big-ip_fraud_protection_service:16.1.0", "cpe:/a:f5:big-ip_local_traffic_manager:12.1.6", "cpe:/a:f5:big-ip_domain_name_system:11.6.5", "cpe:/a:f5:big-ip_policy_enforcement_manager:11.6.5", "cpe:/a:f5:big-ip_access_policy_manager:14.1.4", "cpe:/a:f5:big-ip_domain_name_system:15.1.3", "cpe:/a:f5:big-ip_local_traffic_manager:14.1.4"], "id": "CVE-2021-23043", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23043", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.6:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T14:28:16", "description": "On all versions of Guided Configuration before 8.0.0, when a configuration that contains secure properties is created and deployed from Access Guided Configuration (AGC), secure properties are logged in restnoded logs. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "baseScore": 4.9, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-09-14T15:15:00", "type": "cve", "title": "CVE-2021-23046", "cwe": ["CWE-532"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23046"], "modified": "2021-09-24T18:29:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager:14.1.4", "cpe:/a:f5:big-ip_access_policy_manager:15.1.3", "cpe:/a:f5:big-ip_access_policy_manager:13.1.4"], "id": "CVE-2021-23046", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23046", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:13.1.4:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T14:27:54", "description": "On BIG-IP Advanced WAF and BIG-IP ASM version 16.x before 16.1.0x, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.3, 13.1.x before 13.1.4.1, and all versions of 12.1.x, when a WebSocket profile is configured on a virtual server, undisclosed requests can cause bd to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-09-14T18:15:00", "type": "cve", "title": "CVE-2021-23033", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23033"], "modified": "2021-09-27T12:55:00", "cpe": ["cpe:/a:f5:big-ip_advanced_web_application_firewall:12.1.6", "cpe:/a:f5:big-ip_application_security_manager:12.1.6"], "id": "CVE-2021-23033", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23033", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.6:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T14:27:57", "description": "On BIG-IP 14.1.x before 14.1.4.4, when an HTTP profile is configured on a virtual server, after a specific sequence of packets, chunked responses can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-09-14T18:15:00", "type": "cve", "title": "CVE-2021-23035", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23035"], "modified": "2021-09-27T16:09:00", "cpe": ["cpe:/a:f5:big-ip_application_acceleration_manager:14.1.4.4", "cpe:/a:f5:big-ip_application_security_manager:14.1.4.4", "cpe:/a:f5:big-ip_advanced_firewall_manager:14.1.4.4", "cpe:/a:f5:big-ip_analytics:14.1.4.4", "cpe:/a:f5:big-ip_access_policy_manager:14.1.4.4", "cpe:/a:f5:big-ip_domain_name_system:14.1.4.4", "cpe:/a:f5:big-ip_link_controller:14.1.4.4", "cpe:/a:f5:big-ip_policy_enforcement_manager:14.1.4.4", "cpe:/a:f5:big-ip_local_traffic_manager:14.1.4.4", "cpe:/a:f5:big-ip_fraud_protection_service:14.1.4.4", "cpe:/a:f5:big-ip_global_traffic_manager:14.1.4.4"], "id": "CVE-2021-23035", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23035", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:a:f5:big-ip_analytics:14.1.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:14.1.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:14.1.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:14.1.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.1.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:14.1.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.1.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:14.1.4.4:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T14:27:56", "description": "On BIG-IP version 16.x before 16.1.0 and 15.1.x before 15.1.3.1, when a DNS profile using a DNS cache resolver is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) process to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-09-14T18:15:00", "type": "cve", "title": "CVE-2021-23034", "cwe": ["CWE-668"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23034"], "modified": "2021-09-27T16:09:00", "cpe": [], "id": "CVE-2021-23034", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23034", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}, "cpe23": []}, {"lastseen": "2022-03-23T18:43:44", "description": "On BIG-IP 15.1.0-15.1.0.1, 15.0.0-15.0.1.1, and 14.1.0-14.1.2.2, under certain conditions, TMM may crash or stop processing new traffic with the DPDK/ENA driver on AWS systems while sending traffic. This issue does not affect any other platforms, hardware or virtual, or any other cloud provider since the affected driver is specific to AWS.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-03-27T15:15:00", "type": "cve", "title": "CVE-2020-5862", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-5862"], "modified": "2021-07-21T11:39:00", "cpe": ["cpe:/a:f5:big-ip_application_acceleration_manager:14.1.2", "cpe:/a:f5:big-ip_analytics:15.1.0.1", "cpe:/a:f5:big-ip_policy_enforcement_manager:15.1.0.1", "cpe:/a:f5:big-ip_domain_name_system:15.0.1.1", "cpe:/a:f5:big-ip_analytics:14.1.2", "cpe:/a:f5:big-ip_domain_name_system:15.1.0.1", "cpe:/a:f5:big-ip_global_traffic_manager:15.0.1.1", "cpe:/a:f5:big-ip_link_controller:14.1.2", "cpe:/a:f5:big-ip_global_traffic_manager:14.1.2", "cpe:/a:f5:big-ip_access_policy_manager:14.1.2.2", "cpe:/a:f5:big-ip_policy_enforcement_manager:14.1.2", "cpe:/a:f5:big-ip_fraud_protection_service:15.1.0.1", "cpe:/a:f5:big-ip_domain_name_system:14.1.2", "cpe:/a:f5:big-ip_application_acceleration_manager:15.1.0.1", "cpe:/a:f5:big-ip_link_controller:15.0.1.1", "cpe:/a:f5:big-ip_analytics:15.0.1.1", "cpe:/a:f5:big-ip_fraud_protection_service:15.0.1.1", "cpe:/a:f5:big-ip_application_acceleration_manager:15.0.1.1", "cpe:/a:f5:big-ip_global_traffic_manager:15.1.0.1", "cpe:/a:f5:big-ip_local_traffic_manager:15.0.1.1", "cpe:/a:f5:big-ip_advanced_firewall_manager:15.0.1.1", "cpe:/a:f5:big-ip_application_security_manager:14.1.2", "cpe:/a:f5:big-ip_access_policy_manager:15.1.0.1", "cpe:/a:f5:big-ip_local_traffic_manager:14.1.2", "cpe:/a:f5:big-ip_fraud_protection_service:14.1.2", "cpe:/a:f5:big-ip_application_security_manager:15.1.0.1", "cpe:/a:f5:big-ip_access_policy_manager:15.0.1.1", "cpe:/a:f5:big-ip_policy_enforcement_manager:15.0.1.1", "cpe:/a:f5:big-ip_advanced_firewall_manager:15.1.0.1", "cpe:/a:f5:big-ip_application_security_manager:15.0.1.1", "cpe:/a:f5:big-ip_link_controller:15.1.0.1", "cpe:/a:f5:big-ip_local_traffic_manager:15.1.0.1", "cpe:/a:f5:big-ip_advanced_firewall_manager:14.1.2"], "id": "CVE-2020-5862", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-5862", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:f5:big-ip_analytics:15.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:14.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:15.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:15.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:15.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:15.1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:14.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:15.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:15.1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:15.1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:14.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:15.1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:14.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:14.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:15.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:14.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:15.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:15.1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.1.0.1:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T14:28:08", "description": "On BIG-IP version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.4.2, 13.1.x before 13.1.4.1, and all versions of 12.1.x, a DOM based cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to execute JavaScript in the context of the current logged-in user. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2021-09-14T14:15:00", "type": "cve", "title": "CVE-2021-23041", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23041"], "modified": "2021-09-24T18:33:00", "cpe": ["cpe:/a:f5:big-ip_fraud_protection_service:12.1.6", "cpe:/a:f5:big-ip_analytics:12.1.6", "cpe:/a:f5:big-ip_application_acceleration_manager:12.1.6", "cpe:/a:f5:big-ip_domain_name_system:12.1.6", "cpe:/a:f5:big-ip_advanced_firewall_manager:12.1.6", "cpe:/a:f5:big-ip_application_security_manager:12.1.6", "cpe:/a:f5:big-ip_link_controller:12.1.6", "cpe:/a:f5:big-ip_local_traffic_manager:12.1.6", "cpe:/a:f5:big-ip_global_traffic_manager:12.1.6", "cpe:/a:f5:big-ip_advanced_web_application_firewall:12.1.6", "cpe:/a:f5:big-ip_access_policy_manager:12.1.6"], "id": "CVE-2021-23041", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23041", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.6:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T14:28:10", "description": "On BIG-IP version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.4, 13.1.x before 13.1.4, and 12.1.x before 12.1.6, when an HTTP profile is configured on a virtual server, undisclosed requests can cause a significant increase in system resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-09-14T15:15:00", "type": "cve", "title": "CVE-2021-23042", "cwe": ["CWE-400"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23042"], "modified": "2021-09-24T18:21:00", "cpe": [], "id": "CVE-2021-23042", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23042", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": []}, {"lastseen": "2022-03-23T14:28:02", "description": "On version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.2, 13.1.x before 13.1.4.1, and all versions of 12.1.x, a stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 9.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2021-09-14T18:15:00", "type": "cve", "title": "CVE-2021-23038", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23038"], "modified": "2021-09-27T15:43:00", "cpe": ["cpe:/a:f5:big-ip_fraud_protection_service:12.1.6", "cpe:/a:f5:big-ip_analytics:12.1.6", "cpe:/a:f5:big-ip_application_acceleration_manager:12.1.6", "cpe:/a:f5:big-ip_domain_name_system:12.1.6", "cpe:/a:f5:big-ip_advanced_firewall_manager:12.1.6", "cpe:/a:f5:big-ip_application_security_manager:12.1.6", "cpe:/a:f5:big-ip_link_controller:12.1.6", "cpe:/a:f5:big-ip_policy_enforcement_manager:12.1.6", "cpe:/a:f5:big-ip_local_traffic_manager:12.1.6", "cpe:/a:f5:big-ip_global_traffic_manager:12.1.6", "cpe:/a:f5:big-ip_access_policy_manager:12.1.6"], "id": "CVE-2021-23038", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23038", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.6:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T14:28:05", "description": "On BIG-IP AFM version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.4.2, 13.1.x before 13.1.4.1, and all versions of 12.1.x, a SQL injection vulnerability exists in an undisclosed page of the BIG-IP Configuration utility. This issue is exposed only when BIG-IP AFM is provisioned. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-14T15:15:00", "type": "cve", "title": "CVE-2021-23040", "cwe": ["CWE-89"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23040"], "modified": "2021-09-24T18:32:00", "cpe": ["cpe:/a:f5:big-ip_advanced_firewall_manager:12.1.6"], "id": "CVE-2021-23040", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23040", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.6:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T14:28:02", "description": "On version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.2.8, and all versions of 13.1.x and 12.1.x, when IPSec is configured on a BIG-IP system, undisclosed requests from an authorized remote (IPSec) peer, which already has a negotiated Security Association, can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-09-14T18:15:00", "type": "cve", "title": "CVE-2021-23039", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23039"], "modified": "2021-09-27T16:37:00", "cpe": ["cpe:/a:f5:big-ip_fraud_protection_service:12.1.6", "cpe:/a:f5:big-ip_analytics:12.1.6", "cpe:/a:f5:big-ip_global_traffic_manager:13.1.4", "cpe:/a:f5:big-ip_domain_name_system:13.1.4", "cpe:/a:f5:big-ip_application_security_manager:12.1.6", "cpe:/a:f5:big-ip_link_controller:12.1.6", "cpe:/a:f5:big-ip_policy_enforcement_manager:13.1.4", "cpe:/a:f5:big-ip_analytics:13.1.4", "cpe:/a:f5:big-ip_access_policy_manager:12.1.6", "cpe:/a:f5:big-ip_application_security_manager:13.1.4", "cpe:/a:f5:big-ip_domain_name_system:12.1.6", "cpe:/a:f5:big-ip_application_acceleration_manager:13.1.4", "cpe:/a:f5:big-ip_application_acceleration_manager:12.1.6", "cpe:/a:f5:big-ip_advanced_firewall_manager:13.1.4", "cpe:/a:f5:big-ip_advanced_firewall_manager:12.1.6", "cpe:/a:f5:big-ip_policy_enforcement_manager:12.1.6", "cpe:/a:f5:big-ip_local_traffic_manager:13.1.4", "cpe:/a:f5:big-ip_global_traffic_manager:12.1.6", "cpe:/a:f5:big-ip_link_controller:13.1.4", "cpe:/a:f5:big-ip_access_policy_manager:13.1.4", "cpe:/a:f5:big-ip_fraud_protection_service:13.1.4", "cpe:/a:f5:big-ip_local_traffic_manager:12.1.6"], "id": "CVE-2021-23039", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23039", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.6:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T14:28:00", "description": "On version 16.0.x before 16.0.1.2, when a BIG-IP ASM and DataSafe profile are configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-09-14T19:15:00", "type": "cve", "title": "CVE-2021-23036", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23036"], "modified": "2021-09-24T18:58:00", "cpe": ["cpe:/a:f5:big-ip_application_security_manager:16.0.1", "cpe:/a:f5:big-ip_advanced_web_application_firewall:16.0.1", "cpe:/a:f5:big-ip_datasafe:16.0.1"], "id": "CVE-2021-23036", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23036", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:f5:big-ip_application_security_manager:16.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:16.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_datasafe:16.0.1:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T14:27:59", "description": "On all versions of 16.1.x, 16.0.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x, a reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2021-09-14T18:15:00", "type": "cve", "title": "CVE-2021-23037", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23037"], "modified": "2021-09-27T14:22:00", "cpe": ["cpe:/a:f5:big-ip_fraud_protection_service:12.1.6", "cpe:/a:f5:big-ip_analytics:12.1.6", "cpe:/a:f5:big-ip_global_traffic_manager:13.1.4", "cpe:/a:f5:big-ip_domain_name_system:13.1.4", "cpe:/a:f5:big-ip_analytics:11.6.5", "cpe:/a:f5:big-ip_advanced_firewall_manager:15.1.3", "cpe:/a:f5:big-ip_access_policy_manager:11.6.5", "cpe:/a:f5:big-ip_application_security_manager:12.1.6", "cpe:/a:f5:big-ip_link_controller:12.1.6", "cpe:/a:f5:big-ip_policy_enforcement_manager:13.1.4", "cpe:/a:f5:big-ip_analytics:13.1.4", "cpe:/a:f5:big-ip_application_security_manager:15.1.3", "cpe:/a:f5:big-ip_fraud_protection_service:14.1.4", "cpe:/a:f5:big-ip_application_acceleration_manager:11.6.5", "cpe:/a:f5:big-ip_access_policy_manager:12.1.6", "cpe:/a:f5:big-ip_application_security_manager:13.1.4", "cpe:/a:f5:big-ip_application_acceleration_manager:14.1.4", "cpe:/a:f5:big-ip_fraud_protection_service:11.6.5", "cpe:/a:f5:big-ip_domain_name_system:12.1.6", "cpe:/a:f5:big-ip_advanced_firewall_manager:16.1.0", "cpe:/a:f5:big-ip_domain_name_system:14.1.4", "cpe:/a:f5:big-ip_policy_enforcement_manager:16.1.0", "cpe:/a:f5:big-ip_application_security_manager:14.1.4", "cpe:/a:f5:big-ip_application_acceleration_manager:16.1.0", "cpe:/a:f5:big-ip_policy_enforcement_manager:15.1.3", "cpe:/a:f5:big-ip_advanced_firewall_manager:14.1.4", "cpe:/a:f5:big-ip_application_acceleration_manager:15.1.3", "cpe:/a:f5:big-ip_application_acceleration_manager:13.1.4", "cpe:/a:f5:big-ip_link_controller:16.1.0", "cpe:/a:f5:big-ip_analytics:16.1.0", "cpe:/a:f5:big-ip_application_security_manager:11.6.5", "cpe:/a:f5:big-ip_domain_name_system:16.1.0", "cpe:/a:f5:big-ip_access_policy_manager:16.1.0", "cpe:/a:f5:big-ip_link_controller:14.1.4", "cpe:/a:f5:big-ip_link_controller:15.1.3", "cpe:/a:f5:big-ip_local_traffic_manager:11.6.5", "cpe:/a:f5:big-ip_application_acceleration_manager:12.1.6", "cpe:/a:f5:big-ip_advanced_firewall_manager:13.1.4", "cpe:/a:f5:big-ip_advanced_firewall_manager:12.1.6", "cpe:/a:f5:big-ip_link_controller:11.6.5", "cpe:/a:f5:big-ip_local_traffic_manager:16.1.0", "cpe:/a:f5:big-ip_policy_enforcement_manager:14.1.4", "cpe:/a:f5:big-ip_policy_enforcement_manager:12.1.6", "cpe:/a:f5:big-ip_analytics:15.1.3", "cpe:/a:f5:big-ip_local_traffic_manager:13.1.4", "cpe:/a:f5:big-ip_global_traffic_manager:12.1.6", "cpe:/a:f5:big-ip_application_security_manager:16.1.0", "cpe:/a:f5:big-ip_global_traffic_manager:14.1.4", "cpe:/a:f5:big-ip_advanced_firewall_manager:11.6.5", "cpe:/a:f5:big-ip_local_traffic_manager:15.1.3", "cpe:/a:f5:big-ip_analytics:14.1.4", "cpe:/a:f5:big-ip_access_policy_manager:15.1.3", "cpe:/a:f5:big-ip_access_policy_manager:13.1.4", "cpe:/a:f5:big-ip_link_controller:13.1.4", "cpe:/a:f5:big-ip_fraud_protection_service:15.1.3", "cpe:/a:f5:big-ip_global_traffic_manager:16.1.0", "cpe:/a:f5:big-ip_fraud_protection_service:13.1.4", "cpe:/a:f5:big-ip_global_traffic_manager:11.6.5", "cpe:/a:f5:big-ip_global_traffic_manager:15.1.3", "cpe:/a:f5:big-ip_fraud_protection_service:16.1.0", "cpe:/a:f5:big-ip_local_traffic_manager:12.1.6", "cpe:/a:f5:big-ip_domain_name_system:11.6.5", "cpe:/a:f5:big-ip_policy_enforcement_manager:11.6.5", "cpe:/a:f5:big-ip_access_policy_manager:14.1.4", "cpe:/a:f5:big-ip_domain_name_system:15.1.3", "cpe:/a:f5:big-ip_local_traffic_manager:14.1.4"], "id": "CVE-2021-23037", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23037", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.6:*:*:*:*:*:*:*"]}], "nessus": [{"lastseen": "2023-01-10T19:27:22", "description": "The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.3.1 / 16.0.0. It is, therefore, affected by a vulnerability as referenced in the K01153535 advisory.\n\n - On BIG-IP versions 15.1.0.4 through 15.1.3, when the Data Plane Development Kit (DPDK)/Elastic Network Adapter (ENA) driver is used with BIG-IP on Amazon Web Services (AWS) systems, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. This is due to an incomplete fix for CVE-2020-5862. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. (CVE-2021-23051)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-07-28T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : BIG-IP AWS vulnerability (K01153535)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-5862", "CVE-2021-23051"], "modified": "2022-07-28T00:00:00", "cpe": ["cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*", "cpe:2.3:h:f5:big-ip_protocol_security_manager:*:*:*:*:*:*:*:*", "cpe:2.3:h:f5:big-ip:*:*:*:*:*:*:*:*"], "id": "F5_BIGIP_SOL01153535.NASL", "href": "https://www.tenable.com/plugins/nessus/163509", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K01153535.\n#\n# @NOAGENT@\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163509);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/07/28\");\n\n script_cve_id(\"CVE-2021-23051\");\n script_xref(name:\"IAVA\", value:\"2021-A-0394\");\n\n script_name(english:\"F5 Networks BIG-IP : BIG-IP AWS vulnerability (K01153535)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.3.1 / 16.0.0. It is, therefore, affected\nby a vulnerability as referenced in the K01153535 advisory.\n\n - On BIG-IP versions 15.1.0.4 through 15.1.3, when the Data Plane Development Kit (DPDK)/Elastic Network\n Adapter (ENA) driver is used with BIG-IP on Amazon Web Services (AWS) systems, undisclosed requests can\n cause the Traffic Management Microkernel (TMM) to terminate. This is due to an incomplete fix for\n CVE-2020-5862. Note: Software versions which have reached End of Technical Support (EoTS) are not\n evaluated. (CVE-2021-23051)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.f5.com/csp/article/K01153535\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5 Solution K01153535.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-23051\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/08/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/08/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/28\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude('f5_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar version = get_kb_item('Host/BIG-IP/version');\nif ( ! version ) audit(AUDIT_OS_NOT, 'F5 Networks BIG-IP');\nif ( isnull(get_kb_item('Host/BIG-IP/hotfix')) ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/hotfix');\nif ( ! get_kb_item('Host/BIG-IP/modules') ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/modules');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nvar sol = 'K01153535';\nvar vmatrix = {\n 'AFM': {\n 'affected': [\n '15.1.0.4-15.1.3'\n ],\n 'unaffected': [\n '16.0.0','15.1.3.1'\n ],\n },\n 'APM': {\n 'affected': [\n '15.1.0.4-15.1.3'\n ],\n 'unaffected': [\n '16.0.0','15.1.3.1'\n ],\n },\n 'ASM': {\n 'affected': [\n '15.1.0.4-15.1.3'\n ],\n 'unaffected': [\n '16.0.0','15.1.3.1'\n ],\n },\n 'GTM': {\n 'affected': [\n '15.1.0.4-15.1.3'\n ],\n 'unaffected': [\n '16.0.0','15.1.3.1'\n ],\n },\n 'LTM': {\n 'affected': [\n '15.1.0.4-15.1.3'\n ],\n 'unaffected': [\n '16.0.0','15.1.3.1'\n ],\n },\n 'PEM': {\n 'affected': [\n '15.1.0.4-15.1.3'\n ],\n 'unaffected': [\n '16.0.0','15.1.3.1'\n ],\n },\n 'PSM': {\n 'affected': [\n '15.1.0.4-15.1.3'\n ],\n 'unaffected': [\n '16.0.0','15.1.3.1'\n ],\n },\n 'WOM': {\n 'affected': [\n '15.1.0.4-15.1.3'\n ],\n 'unaffected': [\n '16.0.0','15.1.3.1'\n ],\n }\n};\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n var extra = NULL;\n if (report_verbosity > 0) extra = bigip_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n}\nelse\n{\n var tested = bigip_get_tested_modules();\n var audit_extra = 'For BIG-IP module(s) ' + tested + ',';\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, 'running any of the affected modules');\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:53:12", "description": "The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.4.3 / 15.1.3.1 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K79428827 advisory.\n\n - On version 16.x before 16.1.0, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.3, and all versions of 13.1.x, 12.1.x and 11.6.x, when BIG-IP APM performs Online Certificate Status Protocol (OCSP) verification of a certificate that contains Authority Information Access (AIA), undisclosed requests may cause an increase in memory use. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. (CVE-2021-23047)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2021-08-25T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : BIG-IP APM OCSP vulnerability (K79428827)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23047"], "modified": "2021-10-28T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/h:f5:big-ip"], "id": "F5_BIGIP_SOL79428827.NASL", "href": "https://www.tenable.com/plugins/nessus/152815", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K79428827.\n#\n# @NOAGENT@\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(152815);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/28\");\n\n script_cve_id(\"CVE-2021-23047\");\n script_xref(name:\"IAVA\", value:\"2021-A-0394\");\n\n script_name(english:\"F5 Networks BIG-IP : BIG-IP APM OCSP vulnerability (K79428827)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.4.3 / 15.1.3.1 / 16.1.0. It is,\ntherefore, affected by a vulnerability as referenced in the K79428827 advisory.\n\n - On version 16.x before 16.1.0, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.3, and all versions of 13.1.x,\n 12.1.x and 11.6.x, when BIG-IP APM performs Online Certificate Status Protocol (OCSP) verification of a\n certificate that contains Authority Information Access (AIA), undisclosed requests may cause an increase\n in memory use. Note: Software versions which have reached End of Technical Support (EoTS) are not\n evaluated. (CVE-2021-23047)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.f5.com/csp/article/K79428827\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5 Solution K79428827.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-23047\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/08/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/08/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/08/25\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude('f5_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar version = get_kb_item('Host/BIG-IP/version');\nif ( ! version ) audit(AUDIT_OS_NOT, 'F5 Networks BIG-IP');\nif ( isnull(get_kb_item('Host/BIG-IP/hotfix')) ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/hotfix');\nif ( ! get_kb_item('Host/BIG-IP/modules') ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/modules');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nvar sol = 'K79428827';\nvar vmatrix = {\n 'APM': {\n 'affected': [\n '16.0.0-16.0.1','15.1.0-15.1.3','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n 'unaffected': [\n '16.1.0','15.1.3.1','14.1.4.3'\n ],\n }\n};\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n var extra = NULL;\n if (report_verbosity > 0) extra = bigip_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n}\nelse\n{\n var tested = bigip_get_tested_modules();\n var audit_extra = 'For BIG-IP module(s) ' + tested + ',';\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, 'running the affected module APM');\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:54:11", "description": "The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.3.6 / 14.1.3.1 / 15.1.3 / 16.0.0. It is, therefore, affected by a vulnerability as referenced in the K36942191 advisory.\n\n - On version 15.1.x before 15.1.3, 14.1.x before 14.1.3.1, and 13.1.x before 13.1.3.6, when the brute force protection feature of BIG-IP Advanced WAF or BIG-IP ASM is enabled on a virtual server and the virtual server is under brute force attack, the MySQL database may run out of disk space due to lack of row limit on undisclosed tables in the MYSQL database. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. (CVE-2021-23053)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2021-08-25T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : Advanced WAF and BIG-IP ASM MySQL database vulnerability (K36942191)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23053"], "modified": "2021-10-28T00:00:00", "cpe": ["cpe:/a:f5:big-ip_application_security_manager", "cpe:/h:f5:big-ip"], "id": "F5_BIGIP_SOL36942191.NASL", "href": "https://www.tenable.com/plugins/nessus/152827", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K36942191.\n#\n# @NOAGENT@\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(152827);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/28\");\n\n script_cve_id(\"CVE-2021-23053\");\n script_xref(name:\"IAVA\", value:\"2021-A-0394\");\n\n script_name(english:\"F5 Networks BIG-IP : Advanced WAF and BIG-IP ASM MySQL database vulnerability (K36942191)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.3.6 / 14.1.3.1 / 15.1.3 / 16.0.0. It is,\ntherefore, affected by a vulnerability as referenced in the K36942191 advisory.\n\n - On version 15.1.x before 15.1.3, 14.1.x before 14.1.3.1, and 13.1.x before 13.1.3.6, when the brute force\n protection feature of BIG-IP Advanced WAF or BIG-IP ASM is enabled on a virtual server and the virtual\n server is under brute force attack, the MySQL database may run out of disk space due to lack of row limit\n on undisclosed tables in the MYSQL database. Note: Software versions which have reached End of Technical\n Support (EoTS) are not evaluated. (CVE-2021-23053)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.f5.com/csp/article/K36942191\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5 Solution K36942191.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-23053\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/08/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/08/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/08/25\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude('f5_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar version = get_kb_item('Host/BIG-IP/version');\nif ( ! version ) audit(AUDIT_OS_NOT, 'F5 Networks BIG-IP');\nif ( isnull(get_kb_item('Host/BIG-IP/hotfix')) ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/hotfix');\nif ( ! get_kb_item('Host/BIG-IP/modules') ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/modules');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nvar sol = 'K36942191';\nvar vmatrix = {\n 'ASM': {\n 'affected': [\n '15.1.0-15.1.2','14.1.0-14.1.3','13.1.0-13.1.3'\n ],\n 'unaffected': [\n '16.0.0','15.1.3','14.1.3.1','13.1.3.6'\n ],\n }\n};\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n var extra = NULL;\n if (report_verbosity > 0) extra = bigip_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n}\nelse\n{\n var tested = bigip_get_tested_modules();\n var audit_extra = 'For BIG-IP module(s) ' + tested + ',';\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, 'running the affected module ASM');\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:53:11", "description": "The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.4.1 / 14.1.4.3 / 15.1.3.1 / 16.0.1.2 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K94941221 advisory.\n\n - On BIG-IP version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.3, 13.1.x before 13.1.4.1, and all versions of 12.1.x, when an SCTP profile with multiple paths is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note:\n Software versions which have reached End of Technical Support (EoTS) are not evaluated. (CVE-2021-23045)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-25T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : TMM SCTP vulnerability (K94941221)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23045"], "modified": "2021-10-28T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/h:f5:big-ip"], "id": "F5_BIGIP_SOL94941221.NASL", "href": "https://www.tenable.com/plugins/nessus/152822", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K94941221.\n#\n# @NOAGENT@\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(152822);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/28\");\n\n script_cve_id(\"CVE-2021-23045\");\n script_xref(name:\"IAVA\", value:\"2021-A-0394\");\n\n script_name(english:\"F5 Networks BIG-IP : TMM SCTP vulnerability (K94941221)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.4.1 / 14.1.4.3 / 15.1.3.1 / 16.0.1.2 /\n16.1.0. It is, therefore, affected by a vulnerability as referenced in the K94941221 advisory.\n\n - On BIG-IP version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.3, 13.1.x before\n 13.1.4.1, and all versions of 12.1.x, when an SCTP profile with multiple paths is configured on a virtual\n server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note:\n Software versions which have reached End of Technical Support (EoTS) are not evaluated. (CVE-2021-23045)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.f5.com/csp/article/K94941221\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5 Solution K94941221.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-23045\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/08/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/08/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/08/25\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude('f5_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar version = get_kb_item('Host/BIG-IP/version');\nif ( ! version ) audit(AUDIT_OS_NOT, 'F5 Networks BIG-IP');\nif ( isnull(get_kb_item('Host/BIG-IP/hotfix')) ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/hotfix');\nif ( ! get_kb_item('Host/BIG-IP/modules') ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/modules');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nvar sol = 'K94941221';\nvar vmatrix = {\n 'AFM': {\n 'affected': [\n '16.0.0-16.0.1','15.1.0-15.1.3','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.2','15.1.3.1','14.1.4.3','13.1.4.1'\n ],\n },\n 'AM': {\n 'affected': [\n '16.0.0-16.0.1','15.1.0-15.1.3','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.2','15.1.3.1','14.1.4.3','13.1.4.1'\n ],\n },\n 'APM': {\n 'affected': [\n '16.0.0-16.0.1','15.1.0-15.1.3','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.2','15.1.3.1','14.1.4.3','13.1.4.1'\n ],\n },\n 'ASM': {\n 'affected': [\n '16.0.0-16.0.1','15.1.0-15.1.3','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.2','15.1.3.1','14.1.4.3','13.1.4.1'\n ],\n },\n 'AVR': {\n 'affected': [\n '16.0.0-16.0.1','15.1.0-15.1.3','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.2','15.1.3.1','14.1.4.3','13.1.4.1'\n ],\n },\n 'GTM': {\n 'affected': [\n '16.0.0-16.0.1','15.1.0-15.1.3','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.2','15.1.3.1','14.1.4.3','13.1.4.1'\n ],\n },\n 'LC': {\n 'affected': [\n '16.0.0-16.0.1','15.1.0-15.1.3','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.2','15.1.3.1','14.1.4.3','13.1.4.1'\n ],\n },\n 'LTM': {\n 'affected': [\n '16.0.0-16.0.1','15.1.0-15.1.3','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.2','15.1.3.1','14.1.4.3','13.1.4.1'\n ],\n },\n 'PEM': {\n 'affected': [\n '16.0.0-16.0.1','15.1.0-15.1.3','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.2','15.1.3.1','14.1.4.3','13.1.4.1'\n ],\n }\n};\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n var extra = NULL;\n if (report_verbosity > 0) extra = bigip_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n}\nelse\n{\n var tested = bigip_get_tested_modules();\n var audit_extra = 'For BIG-IP module(s) ' + tested + ',';\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, 'running any of the affected modules');\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:53:11", "description": "The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.3.1 / 16.0.1.2 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K44553214 advisory.\n\n - On BIG-IP Advanced WAF and BIG-IP ASM version 16.0.x before 16.0.1.2 and 15.1.x before 15.1.3 and NGINX App Protect on all versions before 3.5.0, when a cross-site request forgery (CSRF)-enabled policy is configured on a virtual server, an undisclosed HTML response may cause the bd process to terminate. Note:\n Software versions which have reached End of Technical Support (EoTS) are not evaluated. (CVE-2021-23050)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-25T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : Web application firewall vulnerability (K44553214)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23050"], "modified": "2021-10-28T00:00:00", "cpe": ["cpe:/a:f5:big-ip_application_security_manager", "cpe:/h:f5:big-ip"], "id": "F5_BIGIP_SOL44553214.NASL", "href": "https://www.tenable.com/plugins/nessus/152814", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K44553214.\n#\n# @NOAGENT@\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(152814);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/28\");\n\n script_cve_id(\"CVE-2021-23050\");\n script_xref(name:\"IAVA\", value:\"2021-A-0394\");\n\n script_name(english:\"F5 Networks BIG-IP : Web application firewall vulnerability (K44553214)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.3.1 / 16.0.1.2 / 16.1.0. It is,\ntherefore, affected by a vulnerability as referenced in the K44553214 advisory.\n\n - On BIG-IP Advanced WAF and BIG-IP ASM version 16.0.x before 16.0.1.2 and 15.1.x before 15.1.3 and NGINX\n App Protect on all versions before 3.5.0, when a cross-site request forgery (CSRF)-enabled policy is\n configured on a virtual server, an undisclosed HTML response may cause the bd process to terminate. Note:\n Software versions which have reached End of Technical Support (EoTS) are not evaluated. (CVE-2021-23050)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.f5.com/csp/article/K44553214\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5 Solution K44553214.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-23050\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/08/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/08/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/08/25\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude('f5_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar version = get_kb_item('Host/BIG-IP/version');\nif ( ! version ) audit(AUDIT_OS_NOT, 'F5 Networks BIG-IP');\nif ( isnull(get_kb_item('Host/BIG-IP/hotfix')) ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/hotfix');\nif ( ! get_kb_item('Host/BIG-IP/modules') ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/modules');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nvar sol = 'K44553214';\nvar vmatrix = {\n 'ASM': {\n 'affected': [\n '16.0.0-16.0.1','15.1.0-15.1.3'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.2','15.1.3.1'\n ],\n }\n};\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n var extra = NULL;\n if (report_verbosity > 0) extra = bigip_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n}\nelse\n{\n var tested = bigip_get_tested_modules();\n var audit_extra = 'For BIG-IP module(s) ' + tested + ',';\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, 'running the affected module ASM');\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:54:20", "description": "The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.4.4. It is, therefore, affected by a vulnerability as referenced in the K32734107 advisory.\n\n - On version 14.1.x before 14.1.4.4 and all versions of 13.1.x, an open redirect vulnerability exists on virtual servers enabled with a BIG-IP APM access policy. This vulnerability allows an unauthenticated malicious user to build an open redirect URI. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. (CVE-2021-23052)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2021-08-25T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : BIG-IP APM vulnerability (K32734107)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23052"], "modified": "2021-10-28T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/h:f5:big-ip"], "id": "F5_BIGIP_SOL32734107.NASL", "href": "https://www.tenable.com/plugins/nessus/152825", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K32734107.\n#\n# @NOAGENT@\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(152825);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/28\");\n\n script_cve_id(\"CVE-2021-23052\");\n script_xref(name:\"IAVA\", value:\"2021-A-0394\");\n\n script_name(english:\"F5 Networks BIG-IP : BIG-IP APM vulnerability (K32734107)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.4.4. It is, therefore, affected by a\nvulnerability as referenced in the K32734107 advisory.\n\n - On version 14.1.x before 14.1.4.4 and all versions of 13.1.x, an open redirect vulnerability exists on\n virtual servers enabled with a BIG-IP APM access policy. This vulnerability allows an unauthenticated\n malicious user to build an open redirect URI. Note: Software versions which have reached End of Technical\n Support (EoTS) are not evaluated. (CVE-2021-23052)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.f5.com/csp/article/K32734107\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5 Solution K32734107.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-23052\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/08/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/08/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/08/25\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude('f5_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar version = get_kb_item('Host/BIG-IP/version');\nif ( ! version ) audit(AUDIT_OS_NOT, 'F5 Networks BIG-IP');\nif ( isnull(get_kb_item('Host/BIG-IP/hotfix')) ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/hotfix');\nif ( ! get_kb_item('Host/BIG-IP/modules') ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/modules');\n\nvar sol = 'K32734107';\nvar vmatrix = {\n 'APM': {\n 'affected': [\n '14.1.0-14.1.4','13.1.0-13.1.4'\n ],\n 'unaffected': [\n '14.1.4.4'\n ],\n }\n};\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n var extra = NULL;\n if (report_verbosity > 0) extra = bigip_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n}\nelse\n{\n var tested = bigip_get_tested_modules();\n var audit_extra = 'For BIG-IP module(s) ' + tested + ',';\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, 'running the affected module APM');\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-01-11T14:58:22", "description": "The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.3.5 / 14.1.3.1 / 15.1.0.5 / 16.0.0. It is, therefore, affected by a vulnerability as referenced in the K55543151 advisory.\n\n - On version 15.1.x before 15.1.0.5, 14.1.x before 14.1.3.1, 13.1.x before 13.1.3.5, and all versions of 12.1.x and 11.6.x, an authenticated remote command execution vulnerability exists in the BIG-IP Configuration utility. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. (CVE-2021-23025)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-12-01T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : BIG-IP TMUI vulnerability (K55543151)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23025"], "modified": "2021-12-01T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_wan_optimization_manager", "cpe:/h:f5:big-ip_protocol_security_manager", "cpe:/h:f5:big-ip"], "id": "F5_BIGIP_SOL55543151.NASL", "href": "https://www.tenable.com/plugins/nessus/155753", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K55543151.\n#\n# @NOAGENT@\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155753);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/12/01\");\n\n script_cve_id(\"CVE-2021-23025\");\n script_xref(name:\"IAVA\", value:\"2021-A-0394\");\n\n script_name(english:\"F5 Networks BIG-IP : BIG-IP TMUI vulnerability (K55543151)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.3.5 / 14.1.3.1 / 15.1.0.5 / 16.0.0. It\nis, therefore, affected by a vulnerability as referenced in the K55543151 advisory.\n\n - On version 15.1.x before 15.1.0.5, 14.1.x before 14.1.3.1, 13.1.x before 13.1.3.5, and all versions of\n 12.1.x and 11.6.x, an authenticated remote command execution vulnerability exists in the BIG-IP\n Configuration utility. Note: Software versions which have reached End of Technical Support (EoTS) are not\n evaluated. (CVE-2021-23025)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.f5.com/csp/article/K55543151\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5 Solution K55543151.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-23025\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/08/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/08/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/01\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude('f5_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar version = get_kb_item('Host/BIG-IP/version');\nif ( ! version ) audit(AUDIT_OS_NOT, 'F5 Networks BIG-IP');\nif ( isnull(get_kb_item('Host/BIG-IP/hotfix')) ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/hotfix');\nif ( ! get_kb_item('Host/BIG-IP/modules') ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/modules');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nvar sol = 'K55543151';\nvar vmatrix = {\n 'AFM': {\n 'affected': [\n '15.0.0-15.1.0','14.1.0-14.1.3','13.1.0-13.1.3','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n 'unaffected': [\n '16.0.0','15.1.0.5','14.1.3.1','13.1.3.5'\n ],\n },\n 'APM': {\n 'affected': [\n '15.0.0-15.1.0','14.1.0-14.1.3','13.1.0-13.1.3','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n 'unaffected': [\n '16.0.0','15.1.0.5','14.1.3.1','13.1.3.5'\n ],\n },\n 'ASM': {\n 'affected': [\n '15.0.0-15.1.0','14.1.0-14.1.3','13.1.0-13.1.3','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n 'unaffected': [\n '16.0.0','15.1.0.5','14.1.3.1','13.1.3.5'\n ],\n },\n 'GTM': {\n 'affected': [\n '15.0.0-15.1.0','14.1.0-14.1.3','13.1.0-13.1.3','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n 'unaffected': [\n '16.0.0','15.1.0.5','14.1.3.1','13.1.3.5'\n ],\n },\n 'LTM': {\n 'affected': [\n '15.0.0-15.1.0','14.1.0-14.1.3','13.1.0-13.1.3','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n 'unaffected': [\n '16.0.0','15.1.0.5','14.1.3.1','13.1.3.5'\n ],\n },\n 'PEM': {\n 'affected': [\n '15.0.0-15.1.0','14.1.0-14.1.3','13.1.0-13.1.3','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n 'unaffected': [\n '16.0.0','15.1.0.5','14.1.3.1','13.1.3.5'\n ],\n },\n 'PSM': {\n 'affected': [\n '15.0.0-15.1.0','14.1.0-14.1.3','13.1.0-13.1.3','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n 'unaffected': [\n '16.0.0','15.1.0.5','14.1.3.1','13.1.3.5'\n ],\n },\n 'WOM': {\n 'affected': [\n '15.0.0-15.1.0','14.1.0-14.1.3','13.1.0-13.1.3','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n 'unaffected': [\n '16.0.0','15.1.0.5','14.1.3.1','13.1.3.5'\n ],\n }\n};\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n var extra = NULL;\n if (report_verbosity > 0) extra = bigip_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n}\nelse\n{\n var tested = bigip_get_tested_modules();\n var audit_extra = 'For BIG-IP module(s) ' + tested + ',';\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, 'running any of the affected modules');\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:54:19", "description": "The version of F5 Networks BIG-IP installed on the remote host is prior to 11.6.5.3 / 12.1.6 / 13.1.4 / 14.1.4.1 / 15.1.3 / 16.0.1.2 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K41351250 advisory.\n\n - On version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.4.1, 13.1.x before 13.1.4, 12.1.x before 12.1.6, and 11.6.x before 11.6.5.3, an authenticated user may perform a privilege escalation on the BIG-IP Advanced WAF and ASM Configuration utility. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. (CVE-2021-23031)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.1, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 9.9, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-08-25T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : BIG-IP Advanced WAF and BIG-IP ASM vulnerability (K41351250)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23031"], "modified": "2021-10-28T00:00:00", "cpe": ["cpe:/a:f5:big-ip_application_security_manager", "cpe:/h:f5:big-ip"], "id": "F5_BIGIP_SOL41351250.NASL", "href": "https://www.tenable.com/plugins/nessus/152823", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K41351250.\n#\n# @NOAGENT@\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(152823);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/28\");\n\n script_cve_id(\"CVE-2021-23031\");\n script_xref(name:\"IAVA\", value:\"2021-A-0394\");\n\n script_name(english:\"F5 Networks BIG-IP : BIG-IP Advanced WAF and BIG-IP ASM vulnerability (K41351250)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of F5 Networks BIG-IP installed on the remote host is prior to 11.6.5.3 / 12.1.6 / 13.1.4 / 14.1.4.1 /\n15.1.3 / 16.0.1.2 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K41351250 advisory.\n\n - On version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.4.1, 13.1.x before 13.1.4,\n 12.1.x before 12.1.6, and 11.6.x before 11.6.5.3, an authenticated user may perform a privilege escalation\n on the BIG-IP Advanced WAF and ASM Configuration utility. Note: Software versions which have reached End\n of Technical Support (EoTS) are not evaluated. (CVE-2021-23031)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.f5.com/csp/article/K41351250\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5 Solution K41351250.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-23031\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/08/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/08/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/08/25\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude('f5_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar version = get_kb_item('Host/BIG-IP/version');\nif ( ! version ) audit(AUDIT_OS_NOT, 'F5 Networks BIG-IP');\nif ( isnull(get_kb_item('Host/BIG-IP/hotfix')) ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/hotfix');\nif ( ! get_kb_item('Host/BIG-IP/modules') ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/modules');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nvar sol = 'K41351250';\nvar vmatrix = {\n 'ASM': {\n 'affected': [\n '16.0.0-16.0.1','15.1.0-15.1.2','14.1.0-14.1.4','13.1.0-13.1.3','12.1.0-12.1.5','11.6.1-11.6.5'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.2','15.1.3','14.1.4.1','13.1.4','12.1.6','11.6.5.3'\n ],\n }\n};\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n var extra = NULL;\n if (report_verbosity > 0) extra = bigip_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n}\nelse\n{\n var tested = bigip_get_tested_modules();\n var audit_extra = 'For BIG-IP module(s) ' + tested + ',';\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, 'running the affected module ASM');\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:53:10", "description": "The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.4.1 / 14.1.4.3 / 15.1.3.1 / 16.0.1.2 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K42051445 advisory.\n\n - On BIG-IP Advanced WAF and BIG-IP ASM version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.3, 13.1.x before 13.1.4.1, and all versions of 12.1.x, when a WebSocket profile is configured on a virtual server, undisclosed requests can cause bd to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. (CVE-2021-23030)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-25T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : BIG-IP Advanced WAF and ASM WebSocket vulnerability (K42051445)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23030"], "modified": "2021-10-28T00:00:00", "cpe": ["cpe:/a:f5:big-ip_application_security_manager", "cpe:/h:f5:big-ip"], "id": "F5_BIGIP_SOL42051445.NASL", "href": "https://www.tenable.com/plugins/nessus/152820", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K42051445.\n#\n# @NOAGENT@\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(152820);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/28\");\n\n script_cve_id(\"CVE-2021-23030\");\n script_xref(name:\"IAVA\", value:\"2021-A-0394\");\n\n script_name(english:\"F5 Networks BIG-IP : BIG-IP Advanced WAF and ASM WebSocket vulnerability (K42051445)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.4.1 / 14.1.4.3 / 15.1.3.1 / 16.0.1.2 /\n16.1.0. It is, therefore, affected by a vulnerability as referenced in the K42051445 advisory.\n\n - On BIG-IP Advanced WAF and BIG-IP ASM version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3.1, 14.1.x\n before 14.1.4.3, 13.1.x before 13.1.4.1, and all versions of 12.1.x, when a WebSocket profile is\n configured on a virtual server, undisclosed requests can cause bd to terminate. Note: Software versions\n which have reached End of Technical Support (EoTS) are not evaluated. (CVE-2021-23030)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.f5.com/csp/article/K42051445\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5 Solution K42051445.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-23030\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/08/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/08/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/08/25\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude('f5_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar version = get_kb_item('Host/BIG-IP/version');\nif ( ! version ) audit(AUDIT_OS_NOT, 'F5 Networks BIG-IP');\nif ( isnull(get_kb_item('Host/BIG-IP/hotfix')) ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/hotfix');\nif ( ! get_kb_item('Host/BIG-IP/modules') ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/modules');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nvar sol = 'K42051445';\nvar vmatrix = {\n 'ASM': {\n 'affected': [\n '16.0.0-16.0.1','15.1.0-15.1.3','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.2','15.1.3.1','14.1.4.3','13.1.4.1'\n ],\n }\n};\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n var extra = NULL;\n if (report_verbosity > 0) extra = bigip_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n}\nelse\n{\n var tested = bigip_get_tested_modules();\n var audit_extra = 'For BIG-IP module(s) ' + tested + ',';\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, 'running the affected module ASM');\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:53:31", "description": "The version of F5 Networks BIG-IP installed on the remote host is prior to 16.0.1.2 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K52420610 advisory.\n\n - On version 16.0.x before 16.0.1.2, insufficient permission checks may allow authenticated users with guest privileges to perform Server-Side Request Forgery (SSRF) attacks through F5 Advanced Web Application Firewall (WAF) and the BIG-IP ASM Configuration utility. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. (CVE-2021-23029)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-08-25T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : Advanced WAF and BIG-IP ASM TMUI vulnerability (K52420610)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23029"], "modified": "2021-10-28T00:00:00", "cpe": ["cpe:/a:f5:big-ip_application_security_manager", "cpe:/h:f5:big-ip"], "id": "F5_BIGIP_SOL52420610.NASL", "href": "https://www.tenable.com/plugins/nessus/152826", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K52420610.\n#\n# @NOAGENT@\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(152826);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/28\");\n\n script_cve_id(\"CVE-2021-23029\");\n script_xref(name:\"IAVA\", value:\"2021-A-0394\");\n\n script_name(english:\"F5 Networks BIG-IP : Advanced WAF and BIG-IP ASM TMUI vulnerability (K52420610)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of F5 Networks BIG-IP installed on the remote host is prior to 16.0.1.2 / 16.1.0. It is, therefore, affected\nby a vulnerability as referenced in the K52420610 advisory.\n\n - On version 16.0.x before 16.0.1.2, insufficient permission checks may allow authenticated users with guest\n privileges to perform Server-Side Request Forgery (SSRF) attacks through F5 Advanced Web Application\n Firewall (WAF) and the BIG-IP ASM Configuration utility. Note: Software versions which have reached End of\n Technical Support (EoTS) are not evaluated. (CVE-2021-23029)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.f5.com/csp/article/K52420610\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5 Solution K52420610.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-23029\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/08/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/08/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/08/25\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude('f5_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar version = get_kb_item('Host/BIG-IP/version');\nif ( ! version ) audit(AUDIT_OS_NOT, 'F5 Networks BIG-IP');\nif ( isnull(get_kb_item('Host/BIG-IP/hotfix')) ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/hotfix');\nif ( ! get_kb_item('Host/BIG-IP/modules') ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/modules');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nvar sol = 'K52420610';\nvar vmatrix = {\n 'ASM': {\n 'affected': [\n '16.0.0-16.0.1'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.2'\n ],\n }\n};\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n var extra = NULL;\n if (report_verbosity > 0) extra = bigip_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n}\nelse\n{\n var tested = bigip_get_tested_modules();\n var audit_extra = 'For BIG-IP module(s) ' + tested + ',';\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, 'running the affected module ASM');\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:57:47", "description": "The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.2. It is, therefore, affected by a vulnerability as referenced in the K63163637 advisory.\n\n - On BIG-IP, on all versions of 16.1.x, 16.0.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x, a directory traversal vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to access arbitrary files. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. (CVE-2021-23043)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-11-03T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : BIG-IP TMUI vulnerability (K63163637)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23043"], "modified": "2021-11-03T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_wan_optimization_manager", "cpe:/h:f5:big-ip_protocol_security_manager", "cpe:/h:f5:big-ip"], "id": "F5_BIGIP_SOL63163637.NASL", "href": "https://www.tenable.com/plugins/nessus/154880", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K63163637.\n#\n# @NOAGENT@\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154880);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/03\");\n\n script_cve_id(\"CVE-2021-23043\");\n script_xref(name:\"IAVA\", value:\"2021-A-0394\");\n\n script_name(english:\"F5 Networks BIG-IP : BIG-IP TMUI vulnerability (K63163637)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.2. It is, therefore, affected by a\nvulnerability as referenced in the K63163637 advisory.\n\n - On BIG-IP, on all versions of 16.1.x, 16.0.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x, a directory\n traversal vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an\n attacker to access arbitrary files. Note: Software versions which have reached End of Technical Support\n (EoTS) are not evaluated. (CVE-2021-23043)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.f5.com/csp/article/K63163637\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5 Solution K63163637.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-23043\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/08/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/08/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/03\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude('f5_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar version = get_kb_item('Host/BIG-IP/version');\nif ( ! version ) audit(AUDIT_OS_NOT, 'F5 Networks BIG-IP');\nif ( isnull(get_kb_item('Host/BIG-IP/hotfix')) ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/hotfix');\nif ( ! get_kb_item('Host/BIG-IP/modules') ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/modules');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nvar sol = 'K63163637';\nvar vmatrix = {\n 'AFM': {\n 'affected': [\n '16.0.0-16.1.1','15.1.0-15.1.4','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n 'unaffected': [\n '16.1.2'\n ],\n },\n 'APM': {\n 'affected': [\n '16.0.0-16.1.1','15.1.0-15.1.4','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n 'unaffected': [\n '16.1.2'\n ],\n },\n 'ASM': {\n 'affected': [\n '16.0.0-16.1.1','15.1.0-15.1.4','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n 'unaffected': [\n '16.1.2'\n ],\n },\n 'GTM': {\n 'affected': [\n '16.0.0-16.1.1','15.1.0-15.1.4','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n 'unaffected': [\n '16.1.2'\n ],\n },\n 'LTM': {\n 'affected': [\n '16.0.0-16.1.1','15.1.0-15.1.4','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n 'unaffected': [\n '16.1.2'\n ],\n },\n 'PEM': {\n 'affected': [\n '16.0.0-16.1.1','15.1.0-15.1.4','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n 'unaffected': [\n '16.1.2'\n ],\n },\n 'PSM': {\n 'affected': [\n '16.0.0-16.1.1','15.1.0-15.1.4','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n 'unaffected': [\n '16.1.2'\n ],\n },\n 'WOM': {\n 'affected': [\n '16.0.0-16.1.1','15.1.0-15.1.4','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n 'unaffected': [\n '16.1.2'\n ],\n }\n};\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n var extra = NULL;\n if (report_verbosity > 0) extra = bigip_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n}\nelse\n{\n var tested = bigip_get_tested_modules();\n var audit_extra = 'For BIG-IP module(s) ' + tested + ',';\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, 'running any of the affected modules');\n}\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-01-11T14:54:21", "description": "The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K70652532 advisory.\n\n - On all versions of Guided Configuration before 8.0.0, when a configuration that contains secure properties is created and deployed from Access Guided Configuration (AGC), secure properties are logged in restnoded logs. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n (CVE-2021-23046)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "baseScore": 4.9, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-25T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : F5 Access Guided Configuration logging vulnerability (K70652532)", "bulletinFamily": "scanner", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23046"], "modified": "2021-10-28T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/h:f5:big-ip"], "id": "F5_BIGIP_SOL70652532.NASL", "href": "https://www.tenable.com/plugins/nessus/152824", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K70652532.\n#\n# @NOAGENT@\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(152824);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/28\");\n\n script_cve_id(\"CVE-2021-23046\");\n script_xref(name:\"IAVA\", value:\"2021-A-0394\");\n\n script_name(english:\"F5 Networks BIG-IP : F5 Access Guided Configuration logging vulnerability (K70652532)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.0. It is, therefore, affected by a\nvulnerability as referenced in the K70652532 advisory.\n\n - On all versions of Guided Configuration before 8.0.0, when a configuration that contains secure properties\n is created and deployed from Access Guided Configuration (AGC), secure properties are logged in restnoded\n logs. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n (CVE-2021-23046)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.f5.com/csp/article/K70652532\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5 Solution K70652532.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-23046\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/08/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/08/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/08/25\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude('f5_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar version = get_kb_item('Host/BIG-IP/version');\nif ( ! version ) audit(AUDIT_OS_NOT, 'F5 Networks BIG-IP');\nif ( isnull(get_kb_item('Host/BIG-IP/hotfix')) ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/hotfix');\nif ( ! get_kb_item('Host/BIG-IP/modules') ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/modules');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nvar sol = 'K70652532';\nvar vmatrix = {\n 'APM': {\n 'affected': [\n '16.0.0-16.0.1','15.1.0-15.1.3','14.1.0-14.1.4','13.1.0-13.1.4'\n ],\n 'unaffected': [\n '16.1.0'\n ],\n }\n};\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n var extra = NULL;\n if (report_verbosity > 0) extra = bigip_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : extra\n );\n}\nelse\n{\n var tested = bigip_get_tested_modules();\n var audit_extra = 'For BIG-IP module(s) ' + tested + ',';\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, 'running the affected module APM');\n}\n", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-01-11T14:54:20", "description": "The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.4.1 / 14.1.4.3 / 15.1.3.1 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K05314769 advisory.\n\n - On BIG-IP Advanced WAF and BIG-IP ASM version 16.x before 16.1.0x, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.3, 13.1.x before 13.1.4.1, and all versions of 12.1.x, when a WebSocket profile is configured on a virtual server, undisclosed requests can cause bd to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. (CVE-2021-23033)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-25T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : BIG-IP Advanced WAF and ASM WebSocket vulnerability (K05314769)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23033"], "modified": "2021-10-28T00:00:00", "cpe": ["cpe:/a:f5:big-ip_application_security_manager", "cpe:/h:f5:big-ip"], "id": "F5_BIGIP_SOL05314769.NASL", "href": "https://www.tenable.com/plugins/nessus/152816", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K05314769.\n#\n# @NOAGENT@\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(152816);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/28\");\n\n script_cve_id(\"CVE-2021-23033\");\n script_xref(name:\"IAVA\", value:\"2021-A-0394\");\n\n script_name(english:\"F5 Networks BIG-IP : BIG-IP Advanced WAF and ASM WebSocket vulnerability (K05314769)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.4.1 / 14.1.4.3 / 15.1.3.1 / 16.1.0. It\nis, therefore, affected by a vulnerability as referenced in the K05314769 advisory.\n\n - On BIG-IP Advanced WAF and BIG-IP ASM version 16.x before 16.1.0x, 15.1.x before 15.1.3.1, 14.1.x before\n 14.1.4.3, 13.1.x before 13.1.4.1, and all versions of 12.1.x, when a WebSocket profile is configured on a\n virtual server, undisclosed requests can cause bd to terminate. Note: Software versions which have reached\n End of Technical Support (EoTS) are not evaluated. (CVE-2021-23033)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.f5.com/csp/article/K05314769\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5 Solution K05314769.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-23033\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/08/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/08/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/08/25\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude('f5_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar version = get_kb_item('Host/BIG-IP/version');\nif ( ! version ) audit(AUDIT_OS_NOT, 'F5 Networks BIG-IP');\nif ( isnull(get_kb_item('Host/BIG-IP/hotfix')) ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/hotfix');\nif ( ! get_kb_item('Host/BIG-IP/modules') ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/modules');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nvar sol = 'K05314769';\nvar vmatrix = {\n 'ASM': {\n 'affected': [\n '16.0.0-16.0.1','15.1.0-15.1.3','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6'\n ],\n 'unaffected': [\n '16.1.0','15.1.3.1','14.1.4.3','13.1.4.1'\n ],\n }\n};\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n var extra = NULL;\n if (report_verbosity > 0) extra = bigip_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n}\nelse\n{\n var tested = bigip_get_tested_modules();\n var audit_extra = 'For BIG-IP module(s) ' + tested + ',';\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, 'running the affected module ASM');\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:53:10", "description": "The version of F5 Networks BIG-IP installed on the remote host is prior to 12.1.6 / 13.1.4 / 14.1.4 / 15.1.3 / 16.0.1.2 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K93231374 advisory.\n\n - On BIG-IP version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.4, 13.1.x before 13.1.4, and 12.1.x before 12.1.6, when an HTTP profile is configured on a virtual server, undisclosed requests can cause a significant increase in system resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. (CVE-2021-23042)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-25T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : BIG-IP HTTP vulnerability (K93231374)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23042"], "modified": "2021-10-28T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/h:f5:big-ip"], "id": "F5_BIGIP_SOL93231374.NASL", "href": "https://www.tenable.com/plugins/nessus/152821", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K93231374.\n#\n# @NOAGENT@\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(152821);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/28\");\n\n script_cve_id(\"CVE-2021-23042\");\n script_xref(name:\"IAVA\", value:\"2021-A-0394\");\n\n script_name(english:\"F5 Networks BIG-IP : BIG-IP HTTP vulnerability (K93231374)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of F5 Networks BIG-IP installed on the remote host is prior to 12.1.6 / 13.1.4 / 14.1.4 / 15.1.3 / 16.0.1.2\n/ 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K93231374 advisory.\n\n - On BIG-IP version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.4, 13.1.x before\n 13.1.4, and 12.1.x before 12.1.6, when an HTTP profile is configured on a virtual server, undisclosed\n requests can cause a significant increase in system resource utilization. Note: Software versions which\n have reached End of Technical Support (EoTS) are not evaluated. (CVE-2021-23042)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.f5.com/csp/article/K93231374\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5 Solution K93231374.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-23042\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/08/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/08/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/08/25\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude('f5_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar version = get_kb_item('Host/BIG-IP/version');\nif ( ! version ) audit(AUDIT_OS_NOT, 'F5 Networks BIG-IP');\nif ( isnull(get_kb_item('Host/BIG-IP/hotfix')) ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/hotfix');\nif ( ! get_kb_item('Host/BIG-IP/modules') ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/modules');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nvar sol = 'K93231374';\nvar vmatrix = {\n 'AFM': {\n 'affected': [\n '16.0.0-16.0.1','15.1.0-15.1.2','14.1.0-14.1.3','13.1.0-13.1.3','12.1.0-12.1.5'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.2','15.1.3','14.1.4','13.1.4','12.1.6'\n ],\n },\n 'AM': {\n 'affected': [\n '16.0.0-16.0.1','15.1.0-15.1.2','14.1.0-14.1.3','13.1.0-13.1.3','12.1.0-12.1.5'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.2','15.1.3','14.1.4','13.1.4','12.1.6'\n ],\n },\n 'APM': {\n 'affected': [\n '16.0.0-16.0.1','15.1.0-15.1.2','14.1.0-14.1.3','13.1.0-13.1.3','12.1.0-12.1.5'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.2','15.1.3','14.1.4','13.1.4','12.1.6'\n ],\n },\n 'ASM': {\n 'affected': [\n '16.0.0-16.0.1','15.1.0-15.1.2','14.1.0-14.1.3','13.1.0-13.1.3','12.1.0-12.1.5'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.2','15.1.3','14.1.4','13.1.4','12.1.6'\n ],\n },\n 'AVR': {\n 'affected': [\n '16.0.0-16.0.1','15.1.0-15.1.2','14.1.0-14.1.3','13.1.0-13.1.3','12.1.0-12.1.5'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.2','15.1.3','14.1.4','13.1.4','12.1.6'\n ],\n },\n 'GTM': {\n 'affected': [\n '16.0.0-16.0.1','15.1.0-15.1.2','14.1.0-14.1.3','13.1.0-13.1.3','12.1.0-12.1.5'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.2','15.1.3','14.1.4','13.1.4','12.1.6'\n ],\n },\n 'LC': {\n 'affected': [\n '16.0.0-16.0.1','15.1.0-15.1.2','14.1.0-14.1.3','13.1.0-13.1.3','12.1.0-12.1.5'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.2','15.1.3','14.1.4','13.1.4','12.1.6'\n ],\n },\n 'LTM': {\n 'affected': [\n '16.0.0-16.0.1','15.1.0-15.1.2','14.1.0-14.1.3','13.1.0-13.1.3','12.1.0-12.1.5'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.2','15.1.3','14.1.4','13.1.4','12.1.6'\n ],\n },\n 'PEM': {\n 'affected': [\n '16.0.0-16.0.1','15.1.0-15.1.2','14.1.0-14.1.3','13.1.0-13.1.3','12.1.0-12.1.5'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.2','15.1.3','14.1.4','13.1.4','12.1.6'\n ],\n }\n};\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n var extra = NULL;\n if (report_verbosity > 0) extra = bigip_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n}\nelse\n{\n var tested = bigip_get_tested_modules();\n var audit_extra = 'For BIG-IP module(s) ' + tested + ',';\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, 'running any of the affected modules');\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:53:23", "description": "The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.4.1 / 14.1.4.2 / 15.1.3 / 16.0.1.2 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K94255403 advisory.\n\n - On BIG-IP AFM version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.4.2, 13.1.x before 13.1.4.1, and all versions of 12.1.x, a SQL injection vulnerability exists in an undisclosed page of the BIG-IP Configuration utility. This issue is exposed only when BIG-IP AFM is provisioned. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. (CVE-2021-23040)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-08-25T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : BIG-IP AFM vulnerability (K94255403)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23040"], "modified": "2021-10-28T00:00:00", "cpe": ["cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/h:f5:big-ip"], "id": "F5_BIGIP_SOL94255403.NASL", "href": "https://www.tenable.com/plugins/nessus/152817", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K94255403.\n#\n# @NOAGENT@\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(152817);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/28\");\n\n script_cve_id(\"CVE-2021-23040\");\n script_xref(name:\"IAVA\", value:\"2021-A-0394\");\n\n script_name(english:\"F5 Networks BIG-IP : BIG-IP AFM vulnerability (K94255403)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.4.1 / 14.1.4.2 / 15.1.3 / 16.0.1.2 /\n16.1.0. It is, therefore, affected by a vulnerability as referenced in the K94255403 advisory.\n\n - On BIG-IP AFM version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.4.2, 13.1.x before\n 13.1.4.1, and all versions of 12.1.x, a SQL injection vulnerability exists in an undisclosed page of the\n BIG-IP Configuration utility. This issue is exposed only when BIG-IP AFM is provisioned. Note: Software\n versions which have reached End of Technical Support (EoTS) are not evaluated. (CVE-2021-23040)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.f5.com/csp/article/K94255403\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5 Solution K94255403.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-23040\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/08/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/08/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/08/25\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude('f5_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar version = get_kb_item('Host/BIG-IP/version');\nif ( ! version ) audit(AUDIT_OS_NOT, 'F5 Networks BIG-IP');\nif ( isnull(get_kb_item('Host/BIG-IP/hotfix')) ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/hotfix');\nif ( ! get_kb_item('Host/BIG-IP/modules') ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/modules');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nvar sol = 'K94255403';\nvar vmatrix = {\n 'AFM': {\n 'affected': [\n '16.0.0-16.0.1','15.1.0-15.1.2','14.1.0-14.1.4','13.1.0-13.1.3','12.1.0-12.1.6'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.2','15.1.3','14.1.4.2','13.1.4.1'\n ],\n }\n};\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n var extra = NULL;\n if (report_verbosity > 0) extra = bigip_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n}\nelse\n{\n var tested = bigip_get_tested_modules();\n var audit_extra = 'For BIG-IP module(s) ' + tested + ',';\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, 'running the affected module AFM');\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:58:55", "description": "The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.2.8 / 15.1.3 / 16.0.1.2 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K66782293 advisory.\n\n - On version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.2.8, and all versions of 13.1.x and 12.1.x, when IPSec is configured on a BIG-IP system, undisclosed requests from an authorized remote (IPSec) peer, which already has a negotiated Security Association, can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. (CVE-2021-23039)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-12-01T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : TMM vulnerability (K66782293)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23039"], "modified": "2021-12-01T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_wan_optimization_manager", "cpe:/h:f5:big-ip_protocol_security_manager", "cpe:/h:f5:big-ip"], "id": "F5_BIGIP_SOL66782293.NASL", "href": "https://www.tenable.com/plugins/nessus/155754", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K66782293.\n#\n# @NOAGENT@\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155754);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/12/01\");\n\n script_cve_id(\"CVE-2021-23039\");\n script_xref(name:\"IAVA\", value:\"2021-A-0394\");\n\n script_name(english:\"F5 Networks BIG-IP : TMM vulnerability (K66782293)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.2.8 / 15.1.3 / 16.0.1.2 / 16.1.0. It is,\ntherefore, affected by a vulnerability as referenced in the K66782293 advisory.\n\n - On version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.2.8, and all versions of\n 13.1.x and 12.1.x, when IPSec is configured on a BIG-IP system, undisclosed requests from an authorized\n remote (IPSec) peer, which already has a negotiated Security Association, can cause the Traffic Management\n Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS)\n are not evaluated. (CVE-2021-23039)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.f5.com/csp/article/K66782293\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5 Solution K66782293.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-23039\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/08/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/08/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/01\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude('f5_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar version = get_kb_item('Host/BIG-IP/version');\nif ( ! version ) audit(AUDIT_OS_NOT, 'F5 Networks BIG-IP');\nif ( isnull(get_kb_item('Host/BIG-IP/hotfix')) ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/hotfix');\nif ( ! get_kb_item('Host/BIG-IP/modules') ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/modules');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nvar sol = 'K66782293';\nvar vmatrix = {\n 'AFM': {\n 'affected': [\n '16.0.0-16.0.1','15.0.0-15.1.2','14.1.0-14.1.2','13.1.0-13.1.4','12.1.0-12.1.6'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.2','15.1.3','14.1.2.8'\n ],\n },\n 'APM': {\n 'affected': [\n '16.0.0-16.0.1','15.0.0-15.1.2','14.1.0-14.1.2','13.1.0-13.1.4','12.1.0-12.1.6'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.2','15.1.3','14.1.2.8'\n ],\n },\n 'ASM': {\n 'affected': [\n '16.0.0-16.0.1','15.0.0-15.1.2','14.1.0-14.1.2','13.1.0-13.1.4','12.1.0-12.1.6'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.2','15.1.3','14.1.2.8'\n ],\n },\n 'GTM': {\n 'affected': [\n '16.0.0-16.0.1','15.0.0-15.1.2','14.1.0-14.1.2','13.1.0-13.1.4','12.1.0-12.1.6'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.2','15.1.3','14.1.2.8'\n ],\n },\n 'LTM': {\n 'affected': [\n '16.0.0-16.0.1','15.0.0-15.1.2','14.1.0-14.1.2','13.1.0-13.1.4','12.1.0-12.1.6'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.2','15.1.3','14.1.2.8'\n ],\n },\n 'PEM': {\n 'affected': [\n '16.0.0-16.0.1','15.0.0-15.1.2','14.1.0-14.1.2','13.1.0-13.1.4','12.1.0-12.1.6'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.2','15.1.3','14.1.2.8'\n ],\n },\n 'PSM': {\n 'affected': [\n '16.0.0-16.0.1','15.0.0-15.1.2','14.1.0-14.1.2','13.1.0-13.1.4','12.1.0-12.1.6'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.2','15.1.3','14.1.2.8'\n ],\n },\n 'WOM': {\n 'affected': [\n '16.0.0-16.0.1','15.0.0-15.1.2','14.1.0-14.1.2','13.1.0-13.1.4','12.1.0-12.1.6'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.2','15.1.3','14.1.2.8'\n ],\n }\n};\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n var extra = NULL;\n if (report_verbosity > 0) extra = bigip_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n}\nelse\n{\n var tested = bigip_get_tested_modules();\n var audit_extra = 'For BIG-IP module(s) ' + tested + ',';\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, 'running any of the affected modules');\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T14:56:55", "description": "The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K21435974 advisory.\n\n - On all versions of 16.1.x, 16.0.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x, a reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. (CVE-2021-23037)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2021-10-28T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : TMUI XSS vulnerability (K21435974)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23037"], "modified": "2021-10-28T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_wan_optimization_manager", "cpe:/h:f5:big-ip_protocol_security_manager", "cpe:/h:f5:big-ip"], "id": "F5_BIGIP_SOL21435974.NASL", "href": "https://www.tenable.com/plugins/nessus/154700", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K21435974.\n#\n# @NOAGENT@\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154700);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/28\");\n\n script_cve_id(\"CVE-2021-23037\");\n script_xref(name:\"IAVA\", value:\"2021-A-0394\");\n\n script_name(english:\"F5 Networks BIG-IP : TMUI XSS vulnerability (K21435974)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by\na vulnerability as referenced in the K21435974 advisory.\n\n - On all versions of 16.1.x, 16.0.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x, a reflected cross-site\n scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that\n allows an attacker to execute JavaScript in the context of the currently logged-in user. Note: Software\n versions which have reached End of Technical Support (EoTS) are not evaluated. (CVE-2021-23037)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.f5.com/csp/article/K21435974\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5 Solution K21435974.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-23037\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/08/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/08/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/28\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude('f5_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar version = get_kb_item('Host/BIG-IP/version');\nif ( ! version ) audit(AUDIT_OS_NOT, 'F5 Networks BIG-IP');\nif ( isnull(get_kb_item('Host/BIG-IP/hotfix')) ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/hotfix');\nif ( ! get_kb_item('Host/BIG-IP/modules') ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/modules');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nvar sol = 'K21435974';\nvar vmatrix = {\n 'AFM': {\n 'affected': [\n '16.0.0-16.1.0','15.1.0-15.1.3','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n },\n 'APM': {\n 'affected': [\n '16.0.0-16.1.0','15.1.0-15.1.3','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n },\n 'ASM': {\n 'affected': [\n '16.0.0-16.1.0','15.1.0-15.1.3','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n },\n 'GTM': {\n 'affected': [\n '16.0.0-16.1.0','15.1.0-15.1.3','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n },\n 'LTM': {\n 'affected': [\n '16.0.0-16.1.0','15.1.0-15.1.3','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n },\n 'PEM': {\n 'affected': [\n '16.0.0-16.1.0','15.1.0-15.1.3','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n },\n 'PSM': {\n 'affected': [\n '16.0.0-16.1.0','15.1.0-15.1.3','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n },\n 'WOM': {\n 'affected': [\n '16.0.0-16.1.0','15.1.0-15.1.3','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n }\n};\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n set_kb_item(name:'www/0/XSS', value:TRUE);\n var extra = NULL;\n if (report_verbosity > 0) extra = bigip_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n}\nelse\n{\n var tested = bigip_get_tested_modules();\n var audit_extra = 'For BIG-IP module(s) ' + tested + ',';\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, 'running any of the affected modules');\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-01-11T14:53:10", "description": "The version of F5 Networks BIG-IP installed on the remote host is prior to 16.0.1.2 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K05043394 advisory.\n\n - On version 16.0.x before 16.0.1.2, when a BIG-IP ASM and DataSafe profile are configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note:\n Software versions which have reached End of Technical Support (EoTS) are not evaluated. (CVE-2021-23036)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-25T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : TMM vulnerability (K05043394)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23036"], "modified": "2021-10-28T00:00:00", "cpe": ["cpe:/a:f5:big-ip_application_security_manager", "cpe:/h:f5:big-ip"], "id": "F5_BIGIP_SOL05043394.NASL", "href": "https://www.tenable.com/plugins/nessus/152819", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K05043394.\n#\n# @NOAGENT@\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(152819);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/28\");\n\n script_cve_id(\"CVE-2021-23036\");\n script_xref(name:\"IAVA\", value:\"2021-A-0394\");\n\n script_name(english:\"F5 Networks BIG-IP : TMM vulnerability (K05043394)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of F5 Networks BIG-IP installed on the remote host is prior to 16.0.1.2 / 16.1.0. It is, therefore, affected\nby a vulnerability as referenced in the K05043394 advisory.\n\n - On version 16.0.x before 16.0.1.2, when a BIG-IP ASM and DataSafe profile are configured on a virtual\n server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note:\n Software versions which have reached End of Technical Support (EoTS) are not evaluated. (CVE-2021-23036)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.f5.com/csp/article/K05043394\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5 Solution K05043394.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-23036\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/08/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/08/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/08/25\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude('f5_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar version = get_kb_item('Host/BIG-IP/version');\nif ( ! version ) audit(AUDIT_OS_NOT, 'F5 Networks BIG-IP');\nif ( isnull(get_kb_item('Host/BIG-IP/hotfix')) ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/hotfix');\nif ( ! get_kb_item('Host/BIG-IP/modules') ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/modules');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nvar sol = 'K05043394';\nvar vmatrix = {\n 'ASM': {\n 'affected': [\n '16.0.0-16.0.1'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.2'\n ],\n }\n};\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n var extra = NULL;\n if (report_verbosity > 0) extra = bigip_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n}\nelse\n{\n var tested = bigip_get_tested_modules();\n var audit_extra = 'For BIG-IP module(s) ' + tested + ',';\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, 'running the affected module ASM');\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T15:07:41", "description": "Under certain conditions, while sending traffic, the Traffic Management Microkernel (TMM) may produce a core file or stop processing new traffic with the Data Plane Development Kit (DPDK)/Elastic Network Adapter (ENA) driver on Amazon Web Services (AWS) systems.(CVE-2020-5862)\n\nImpact\n\nA remote attacker may be able to cause TMM to stop processing new traffic and effect a remote denial of service (DoS).\n\nThis issue does not affect any other hardware, virtual platforms, orcloud provider, as the affected driver is specific to AWS.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-03-27T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : BIG-IP AWS vulnerability (K01054113)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-5862", "CVE-2020-5862"], "modified": "2021-05-20T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/h:f5:big-ip"], "id": "F5_BIGIP_SOL01054113.NASL", "href": "https://www.tenable.com/plugins/nessus/134956", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K01054113.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(134956);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/05/20\");\n\n script_cve_id(\"CVE-2019-5862\", \"CVE-2020-5862\");\n\n script_name(english:\"F5 Networks BIG-IP : BIG-IP AWS vulnerability (K01054113)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Under certain conditions, while sending traffic, the Traffic\nManagement Microkernel (TMM) may produce a core file or stop\nprocessing new traffic with the Data Plane Development Kit\n(DPDK)/Elastic Network Adapter (ENA) driver on Amazon Web Services\n(AWS) systems.(CVE-2020-5862)\n\nImpact\n\nA remote attacker may be able to cause TMM to stop processing new\ntraffic and effect a remote denial of service (DoS).\n\nThis issue does not affect any other hardware, virtual platforms,\norcloud provider, as the affected driver is specific to AWS.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K01054113\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K01054113.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/11/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K01054113\";\nvmatrix = make_array();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"15.0.0-15.1.0\",\"14.1.0-14.1.2\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.0.2\",\"15.0.1.2\",\"14.1.2.3\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"15.0.0-15.1.0\",\"14.1.0-14.1.2\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.0.2\",\"15.0.1.2\",\"14.1.2.3\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"15.0.0-15.1.0\",\"14.1.0-14.1.2\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.0.2\",\"15.0.1.2\",\"14.1.2.3\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"15.0.0-15.1.0\",\"14.1.0-14.1.2\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.0.2\",\"15.0.1.2\",\"14.1.2.3\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"15.0.0-15.1.0\",\"14.1.0-14.1.2\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.0.2\",\"15.0.1.2\",\"14.1.2.3\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"15.0.0-15.1.0\",\"14.1.0-14.1.2\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.0.2\",\"15.0.1.2\",\"14.1.2.3\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"15.0.0-15.1.0\",\"14.1.0-14.1.2\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.0.2\",\"15.0.1.2\",\"14.1.2.3\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"15.0.0-15.1.0\",\"14.1.0-14.1.2\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.0.2\",\"15.0.1.2\",\"14.1.2.3\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"15.0.0-15.1.0\",\"14.1.0-14.1.2\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.0.2\",\"15.0.1.2\",\"14.1.2.3\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_warning(port:0, extra:bigip_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "cnvd": [{"lastseen": "2022-11-05T09:56:53", "description": "F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. The F5 BIG IP APM OCSP denial of service vulnerability can be exploited by attackers to cause a denial of service (DoS) on the BIG-IP system when the BIG-IP APM performs OCSP authentication on certificates containing Authorized Information Access (AIA). system to cause a denial of service (DoS).", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2021-08-26T00:00:00", "type": "cnvd", "title": "F5 BIG IP APM OCSP Denial of Service Vulnerability", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23047"], "modified": "2021-08-26T00:00:00", "id": "CNVD-2021-65639", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-65639", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-11-05T09:56:50", "description": "F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. The F5 BIG IP TMM GTP denial of service vulnerability, where an undisclosed GTP message is associated with a GTP irule or GTP profile on Virtual Server, can cause tmm to terminate. An attacker could exploit this vulnerability to cause a denial of service (DoS) on a BIG-IP system.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-26T00:00:00", "type": "cnvd", "title": "F5 BIG IP TMM GTP Denial of Service Vulnerability", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23048"], "modified": "2021-08-26T00:00:00", "id": "CNVD-2021-65638", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-65638", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-11-05T09:57:48", "description": "F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. F5 BIG-IP compression driver denial of service vulnerability, on platforms using Intel QuickAssist Technology (QAT) compression drivers, undisclosed requests could cause TMM to crash. When the TMM process is restarted, traffic is interrupted. An attacker could use this vulnerability to cause a denial of service (DoS) on BIG-IP systems.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-26T00:00:00", "type": "cnvd", "title": "F5 BIG-IP compression driver denial of service vulnerability", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23044"], "modified": "2021-08-26T00:00:00", "id": "CNVD-2021-65641", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-65641", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-11-05T09:57:27", "description": "F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. The F5 BIG-IP Advanced WAF and ASM MySQL database denial of service vulnerability is associated with a policy on Virtul Server with brute The vulnerability can be exploited to cause insufficient disk space, which may lead to tmsh, icontrol rest not working properly.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2021-08-26T00:00:00", "type": "cnvd", "title": "F5 BIG-IP Advanced WAF and ASM MySQL database denial of service vulnerability", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23053"], "modified": "2021-08-26T00:00:00", "id": "CNVD-2021-65634", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-65634", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-11-05T09:57:09", "description": "F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. The F5 BIG IP Advanced WAF and ASM denial of service vulnerability causes a specific html return page can cause the bd process to terminate. When the bd process is restarted, traffic is interrupted. An attacker could use this vulnerability to cause a denial of service (DoS) on a BIG-IP system.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-26T00:00:00", "type": "cnvd", "title": "F5 BIG IP Advanced WAF and ASM Denial of Service Vulnerability", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23050"], "modified": "2021-08-26T00:00:00", "id": "CNVD-2021-65637", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-65637", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-11-05T09:57:22", "description": "F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. F5 BIG IP APM has a security vulnerability that allows victims to be redirected to malicious websites after an attacker creates an open redirect url.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2021-08-26T00:00:00", "type": "cnvd", "title": "F5 BIG IP APM has an unspecified vulnerability", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23052"], "modified": "2021-08-26T00:00:00", "id": "CNVD-2021-65635", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-65635", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2022-11-05T09:57:38", "description": "F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A memory leak vulnerability exists in F5 BIG-IP. The vulnerability stems from an undisclosed request from iRules associated with the RESOLVER::summarize command on Virtual Server, which can be exploited by an attacker to cause a memory leak.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-25T00:00:00", "type": "cnvd", "title": "F5 BIG-IP Memory Leak Vulnerability (CNVD-2021-65625)", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23049"], "modified": "2021-08-26T00:00:00", "id": "CNVD-2021-65625", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-65625", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-11-05T09:58:20", "description": "F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. The F5 TMUI SCTP denial of service vulnerability could cause TMM to terminate when an SCTP profile with multiple paths is configured on a virtual server with an undisclosed request. An attacker could use this vulnerability to cause a denial of service (DoS) on a BIG-IP system.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-26T00:00:00", "type": "cnvd", "title": "F5 TMUI SCTP Denial of Service Vulnerability", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23045"], "modified": "2021-08-26T00:00:00", "id": "CNVD-2021-65640", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-65640", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-11-05T09:57:20", "description": "F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A denial of service vulnerability exists in F5 BIG-IP DNS, which stems from the fact that when the BIG-IP DNS system is configured with non-default wide IP and pool settings, an undisclosed DNS response may cause TMM to terminate. When the TMM process is restarted, traffic is interrupted. An attacker could use this vulnerability to cause a denial of service (DoS) on the BIG-IP system.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-26T00:00:00", "type": "cnvd", "title": "F5 BIG-IP DNS denial-of-service vulnerability", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23032"], "modified": "2021-08-26T00:00:00", "id": "CNVD-2021-65651", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-65651", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-11-05T09:57:08", "description": "F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. The F5 BIG IP AWS denial of service vulnerability occurs when the Data Plane Development Kit (DPDK)/Elastic Network Adapter (ENA) driver is used in BIG-IP deployed in Amazon Web Services (AWS) systems, TMM can be terminated under certain conditions. An attacker could exploit this vulnerability to cause a denial of service (DoS) on BIG-IP systems.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-26T00:00:00", "type": "cnvd", "title": "F5 BIG IP AWS Denial of Service Vulnerability", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23051"], "modified": "2021-08-26T00:00:00", "id": "CNVD-2021-65636", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-65636", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-11-05T09:57:41", "description": "F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A remote command execution vulnerability exists in the F5 BIG-IP TMUI, which can be exploited by an authenticated attacker with high-level privileges to access the management page through the BIGIP management port or Self IP address to execute arbitrary system commands, create or delete files, or disable services.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-08-26T00:00:00", "type": "cnvd", "title": "F5 BIG-IP TMUI Remote Command Execution Vulnerability", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23025"], "modified": "2021-08-26T00:00:00", "id": "CNVD-2021-65655", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-65655", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-11-05T09:57:04", "description": "F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. An XSS vulnerability exists in the F5 BIG-IP TMUI, which can be exploited by attackers to run JavaScript in the context of the currently logged-in user.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2021-08-26T00:00:00", "type": "cnvd", "title": "F5 BIG-IP TMUI XSS vulnerability", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23027"], "modified": "2021-08-26T00:00:00", "id": "CNVD-2021-65653", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-65653", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-11-05T09:57:53", "description": "F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. An unspecified vulnerability exists in the F5 BIG-IP Advanced WAF and ASM TMUI, which, when cracked, allows an authenticated attacker with access to the management page to execute arbitrary system commands, create or delete files, or disable services. An attacker could exploit the vulnerability to cause the system to be completely compromised.", "cvss3": {"exploitabilityScore": 3.1, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 9.9, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-08-25T00:00:00", "type": "cnvd", "title": "F5 BIG-IP Advanced WAF and ASM TMUI is vulnerable to unspecified vulnerabilities", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23031"], "modified": "2021-08-26T00:00:00", "id": "CNVD-2021-65622", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-65622", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-11-05T09:57:54", "description": "F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A security vulnerability exists in the F5 BIG-IP Advanced WAF and ASM TMUI, which could be exploited by an attacker with network access to the management interface and authentication via guest privileges to be able to perform SSRF attacks.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-08-25T00:00:00", "type": "cnvd", "title": "F5 BIG-IP Advanced WAF and ASM TMUI server-side request forgery vulnerability", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23029"], "modified": "2021-08-26T00:00:00", "id": "CNVD-2021-65621", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-65621", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-11-05T09:56:51", "description": "F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. When a Websocket profile is configured on the Virtual server of BIG-IP AWAF/ASM, undisclosed requests may cause the BD process to terminate.BIG-IP A restart of the BD process of AWAF/ASM can cause a traffic disruption. An attacker could use this vulnerability to cause a denial of service (DoS) on the BIG-IP system.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-26T00:00:00", "type": "cnvd", "title": "F5 BIG-IP Advanced WAF and ASM WebSocket Denial of Service Vulnerability (CNVD-2021-65633)", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23030"], "modified": "2021-08-26T00:00:00", "id": "CNVD-2021-65633", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-65633", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-11-05T09:57:22", "description": "F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A security vulnerability exists in F5 BIG-IP Advanced WAF and ASM due to a JSON content profile referenced in an AWAF/ASM security policy that contains policies for URLs and is associated with a virtual server. An undisclosed request could cause the BD process of BIG-IP AWAF/ASM to terminate when the policy containing URLs for content profiles is associated with a virtual server. An attacker could exploit this vulnerability to launch a denial of service against BIG-IP.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-26T00:00:00", "type": "cnvd", "title": "F5 BIG-IP Advanced WAF and ASM are unspecified vulnerabilities", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23028"], "modified": "2021-08-26T00:00:00", "id": "CNVD-2021-65652", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-65652", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-11-05T09:57:18", "description": "F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. The F5 BIG-IP TMUI Unauthorized Access vulnerability can be exploited by an authenticated attacker by sending a crafted request to the BIG-IP configuration utility. If the vulnerability is successfully exploited, an attacker can access arbitrary files in the Web root directory.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-26T00:00:00", "type": "cnvd", "title": "F5 BIG-IP TMUI Unauthorized Access Vulnerability", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23043"], "modified": "2021-08-26T00:00:00", "id": "CNVD-2021-65642", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-65642", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2022-11-05T09:57:53", "description": "F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A CSRF vulnerability exists in F5 BIG-IP iControl SOAP, which could be exploited by an attacker to potentially trick authenticated users into performing critical operations.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-08-26T00:00:00", "type": "cnvd", "title": "F5 BIG-IP iControl SOAP CSRF Vulnerability", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23026"], "modified": "2021-08-26T00:00:00", "id": "CNVD-2021-65654", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-65654", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-11-05T09:56:56", "description": "F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. The F5 Access Guided Configuration logging information disclosure vulnerability can be exploited by attackers to obtain sensitive information.", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "baseScore": 4.9, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-26T00:00:00", "type": "cnvd", "title": "F5 Access Guided Configuration logging information disclosure vulnerability", "bulletinFamily": "cnvd", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23046"], "modified": "2021-08-26T00:00:00", "id": "CNVD-2021-65632", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-65632", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2022-11-05T09:57:31", "description": "F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A denial of service vulnerability exists in the F5 BIG-IP Advanced WAF and ASM WebSocket, which originates from the BIG-IP AWAF/ASM Virtual The vulnerability is caused when a Websocket profile is configured on the BIG-IP AWAF/ASM Virtual server, and an undisclosed request could cause the bd to terminate, which could cause a traffic disruption when the BD process of BIG-IP AWAF/ASM restarts. A remote attacker could use this vulnerability to launch a denial of service against BIG-IP.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-26T00:00:00", "type": "cnvd", "title": "F5 BIG-IP Advanced WAF and ASM WebSocket Denial of Service Vulnerability", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23033"], "modified": "2021-08-26T00:00:00", "id": "CNVD-2021-65650", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-65650", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-11-05T09:57:29", "description": "F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A denial of service vulnerability exists in F5 BIG-IP TMM, which stems from the fact that in the case of HTTP profiles associated with Virtual Server, after a specific sequence of packets chunked responses could cause TMM to terminate. When the TMM process is restarted, traffic is interrupted and an attacker can use this vulnerability to cause a denial of service (DoS) on the BIG-IP system.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-26T00:00:00", "type": "cnvd", "title": "F5 BIG-IP TMM Denial of Service Vulnerability (CNVD-2021-65648)", "bulletinFamily": "cnvd", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23035"], "modified": "2021-08-26T00:00:00", "id": "CNVD-2021-65648", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-65648", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-11-05T09:57:25", "description": "F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A denial of service vulnerability exists in F5 BIG-IP TMM, which stems from the presence of a DNS profile file with DNS Cache resolver enabled when associated on Virtual Server A specific request could cause the TMM process to terminate. When the TMM process is restarted, traffic is interrupted and an attacker can use this vulnerability to cause a denial of service (DoS) on the BIG-IP system.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-26T00:00:00", "type": "cnvd", "title": "F5 BIG-IP TMM Denial of Service Vulnerability (CNVD-2021-65649)", "bulletinFamily": "cnvd", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23034"], "modified": "2021-08-26T00:00:00", "id": "CNVD-2021-65649", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-65649", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-11-05T09:56:47", "description": "F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A security vulnerability exists in the F5 BIG-IP TMUI that could be exploited by an attacker by tricking an authenticated user into submitting malicious HTML or JavaScript code in the BIG-IP configuration utility The vulnerability runs JavaScript in the context of the currently logged-in user.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2021-08-26T00:00:00", "type": "cnvd", "title": "F5 BIG-IP TMUI has an unspecified vulnerability", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23041"], "modified": "2021-08-26T00:00:00", "id": "CNVD-2021-65644", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-65644", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-11-05T09:57:12", "description": "F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. F5 BIG-IP HTTP denial of service vulnerability, where undisclosed requests may cause a significant increase in system resource utilization when HTTP profiles are configured on a virtual server. System performance may degrade before the process is forced to restart or manually restarted. An attacker could use this vulnerability to cause a denial of service (DoS) on BIG-IP systems.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-26T00:00:00", "type": "cnvd", "title": "F5 BIG-IP HTTP Denial of Service Vulnerability (CNVD-2021-65643)", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23042"], "modified": "2021-08-26T00:00:00", "id": "CNVD-2021-65643", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-65643", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-11-05T09:57:49", "description": "F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A cross-site scripting vulnerability exists in the F5 BIG-IP TMUI. An attacker can exploit the vulnerability to execute JavaScript in the context of the currently logged-in user.", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 9.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2021-08-25T00:00:00", "type": "cnvd", "title": "F5 BIG-IP TMUI Cross-Site Scripting Vulnerability", "bulletinFamily": "cnvd", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23038"], "modified": "2021-08-26T00:00:00", "id": "CNVD-2021-65623", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-65623", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:N/I:P/A:N"}}, {"lastseen": "2022-11-05T09:57:46", "description": "F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A SQL injection vulnerability exists in F5 BIG-IP AFM. The vulnerability allows an authenticated attacker to execute malicious SQL statements via the BIG-IP configuration utility.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-08-25T00:00:00", "type": "cnvd", "title": "F5 BIG-IP AFM SQL Injection Vulnerability (CNVD-2021-65624)", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23040"], "modified": "2021-08-26T00:00:00", "id": "CNVD-2021-65624", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-65624", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-11-05T09:58:07", "description": "F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A denial of service vulnerability exists in the F5 BIG-IP TMM, which can be exploited by attackers to cause a denial of service (DoS) on the BIG-IP system.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-26T00:00:00", "type": "cnvd", "title": "F5 BIG-IP TMM Denial of Service Vulnerability (CNVD-2021-65645)", "bulletinFamily": "cnvd", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23039"], "modified": "2021-08-26T00:00:00", "id": "CNVD-2021-65645", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-65645", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-11-05T09:57:45", "description": "F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A denial of service vulnerability exists in the F5 BIG-IP TMM, which stems from an undisclosed request when configuring the BIG-IP ASM and DataSafe profiles on a virtual server that could cause the traffic management microkernel (TMM) to terminate. When the TMM process is restarted, traffic is interrupted and an attacker can exploit the vulnerability to cause a denial of service (DoS) on the BIG-IP system.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-26T00:00:00", "type": "cnvd", "title": "F5 BIG-IP TMM Denial of Service Vulnerability (CNVD-2021-65647)", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23036"], "modified": "2021-08-26T00:00:00", "id": "CNVD-2021-65647", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-65647", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-11-05T09:58:01", "description": "F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. An XSS vulnerability exists in the F5 BIG-IP TMUI, which can be exploited by attackers to run JavaScript in the context of the currently logged-in user.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2021-08-26T00:00:00", "type": "cnvd", "title": "F5 BIG-IP TMUI XSS vulnerability (CNVD-2021-65646)", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23037"], "modified": "2021-08-26T00:00:00", "id": "CNVD-2021-65646", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-65646", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}]}