K70031188 : TMUI authenticated remote command execution vulnerability CVE-2021-22988

Security Advisory Description

The Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has an authenticated remote command execution vulnerability in undisclosed pages. (CVE-2021-22988)

Note: For systems running in Appliance mode, refer to K18132488 Appliance Mode TMUI Authenticated remote command execution vulnerability CVE-2021-22987.

Impact

This vulnerability allows authenticated users with network access to the Configuration utility, through the BIG-IP management port or self IP addresses, to execute arbitrary system commands, create or delete files, or disable services. This vulnerability can only be exploited through the control plane and cannot be exploited through the data plane. Exploitation can lead to complete system compromise.

Note: If you believe your system may have been compromised, refer to K11438344: Considerations and guidance when you suspect a security compromise on a BIG-IP system.