6 matches found
CVE-2021-23014
On versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.3, and 14.1.x before 14.1.4, BIG-IP Advanced WAF and ASM are missing authorization checks for file uploads to a specific directory within the REST API which might allow Authenticated users with guest privileges to upload files. Note: Software...
K23203045: BIG-IP Advanced WAF and ASM REST API vulnerability CVE-2021-23014
Security Advisory Description BIG-IP Advanced WAF and ASM are missing authorization checks for file uploads to a specific directory within the REST API, which might allow authenticated users with guest privileges to upload files. CVE-2021-23014 Impact If an attacker has network access to the BIG-...
CVE-2021-23014
On versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.3, and 14.1.x before 14.1.4, BIG-IP Advanced WAF and ASM are missing authorization checks for file uploads to a specific directory within the REST API which might allow Authenticated users with guest privileges to upload files. Note: Software...
CVE-2021-23014
On versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.3, and 14.1.x before 14.1.4, BIG-IP Advanced WAF and ASM are missing authorization checks for file uploads to a specific directory within the REST API which might allow Authenticated users with guest privileges to upload files. Note: Software...
CVE-2021-23014
CVE-2021-23014 affects BIG-IP Advanced WAF and ASM REST API. A missing authorization check for file uploads to a specific REST API directory could allow an authenticated user with guest privileges to upload files. Affected branches: 16.x before 16.0.1.1; 15.x before 15.1.3; 14.x before 14.1.4 (Eo...
F5 Networks BIG-IP : BIG-IP Advanced WAF and ASM REST API vulnerability (K23203045)
The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.4 / 15.1.3 / 16.0.1.1 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K23203045 advisory. - On versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.3, and 14.1.x before 14.1.4, BIG-IP...