F5 Releases Critical Security Patch for BIG-IP and BIG-IQ Devices

2021-08-26T11:51:00

Description

[![](https://thehackernews.com/images/-gfgFxzl_oz8/YSd_vfZfXwI/AAAAAAAADqE/9iD9m1l_Ni4LUBNSEi0F4GZmnL4Tjf5fACLcBGAsYHQ/s0/f4.jpg)](<https://thehackernews.com/images/-gfgFxzl_oz8/YSd_vfZfXwI/AAAAAAAADqE/9iD9m1l_Ni4LUBNSEi0F4GZmnL4Tjf5fACLcBGAsYHQ/s0/f4.jpg>) Enterprise security and network appliance vendor F5 has released patches for more than [two dozen security vulnerabilities](<https://support.f5.com/csp/article/K50974556>) affecting multiple versions of BIG-IP and BIG-IQ devices that could potentially allow an attacker to perform a wide range of malicious actions, including accessing arbitrary files, escalating privileges, and executing JavaScript code. Of the 29 bugs addressed, 13 are high-severity flaws, 15 are rated medium, and one is rated low in severity. Chief among them is [CVE-2021-23031](<https://support.f5.com/csp/article/K41351250>) (CVSS score: 8.8), a vulnerability affecting BIG-IP Advanced Web Application Firewall and BIG-IP Application Security Manager that allows an authenticated user to perform a privilege escalation. "When this vulnerability is exploited, an authenticated attacker with access to the Configuration utility can execute arbitrary system commands, create or delete files, and/or disable services. This vulnerability may result in complete system compromise," F5 said in its advisory. It's worth noting that for customers running the device in [Appliance Mode](<https://support.f5.com/csp/article/K12815>), which applies additional technical restrictions in sensitive sectors, the same vulnerability comes with a critical rating of 9.9 out of 10. "As this attack is conducted by legitimate, authenticated users, there is no viable mitigation that also allows users access to the Configuration utility. The only mitigation is to remove access for users who are not completely trusted," the company said. The other major vulnerabilities resolved by F5 are listed below - * **CVE-2021-23025** (CVSS score: 7.2) - Authenticated remote command execution vulnerability in BIG-IP Configuration utility * **CVE-2021-23026** (CVSS score: 7.5) - Cross-site request forgery (CSRF) vulnerability in iControl SOAP * **CVE-2021-23027 and CVE-2021-23037** (CVSS score: 7.5) - TMUI DOM-based and reflected cross-site scripting (XSS) vulnerabilities * **CVE-2021-23028** (CVSS score: 7.5) - BIG-IP Advanced WAF and ASM vulnerability * **CVE-2021-23029** (CVSS score: 7.5) - BIG-IP Advanced WAF and ASM TMUI vulnerability * **CVE-2021-23030 and CVE-2021-23033** (CVSS score: 7.5) - BIG-IP Advanced WAF and ASM Websocket vulnerabilities * **CVE-2021-23032** (CVSS score: 7.5) - BIG-IP DNS vulnerability * **CVE-2021-23034, CVE-2021-23035, and CVE-2021-23036** (CVSS score: 7.5) - Traffic Management Microkernel vulnerabilities Additionally, F5 has also patched a number of flaws that range from directory traversal vulnerability and SQL injection to open redirect vulnerability and cross-site request forgery, as well as a MySQL database flaw that results in the database consuming more storage space than expected when brute-force protection features of the firewall are enabled. With F5 devices often becoming [juicy](<https://thehackernews.com/2020/07/f5-big-ip-application-security.html>) [targets](<https://thehackernews.com/2021/03/latest-f5-big-ip-bug-under-active.html>) for active exploitation attempts by threat actors, it's highly recommended that users and administrators install updated software or apply the necessary mitigations as soon as possible. Found this article interesting? Follow THN on [Facebook](<https://www.facebook.com/thehackernews>), [Twitter __](<https://twitter.com/thehackersnews>) and [LinkedIn](<https://www.linkedin.com/company/thehackernews/>) to read more exclusive content we post.

{"id": "THN:AB6AF941A4E7A9700ED2262D095F402F", "vendorId": null, "type": "thn", "bulletinFamily": "info", "title": "F5 Releases Critical Security Patch for BIG-IP and BIG-IQ Devices", "description": "[![](https://thehackernews.com/images/-gfgFxzl_oz8/YSd_vfZfXwI/AAAAAAAADqE/9iD9m1l_Ni4LUBNSEi0F4GZmnL4Tjf5fACLcBGAsYHQ/s0/f4.jpg)](<https://thehackernews.com/images/-gfgFxzl_oz8/YSd_vfZfXwI/AAAAAAAADqE/9iD9m1l_Ni4LUBNSEi0F4GZmnL4Tjf5fACLcBGAsYHQ/s0/f4.jpg>)\n\nEnterprise security and network appliance vendor F5 has released patches for more than [two dozen security vulnerabilities](<https://support.f5.com/csp/article/K50974556>) affecting multiple versions of BIG-IP and BIG-IQ devices that could potentially allow an attacker to perform a wide range of malicious actions, including accessing arbitrary files, escalating privileges, and executing JavaScript code.\n\nOf the 29 bugs addressed, 13 are high-severity flaws, 15 are rated medium, and one is rated low in severity.\n\nChief among them is [CVE-2021-23031](<https://support.f5.com/csp/article/K41351250>) (CVSS score: 8.8), a vulnerability affecting BIG-IP Advanced Web Application Firewall and BIG-IP Application Security Manager that allows an authenticated user to perform a privilege escalation.\n\n\"When this vulnerability is exploited, an authenticated attacker with access to the Configuration utility can execute arbitrary system commands, create or delete files, and/or disable services. This vulnerability may result in complete system compromise,\" F5 said in its advisory.\n\nIt's worth noting that for customers running the device in [Appliance Mode](<https://support.f5.com/csp/article/K12815>), which applies additional technical restrictions in sensitive sectors, the same vulnerability comes with a critical rating of 9.9 out of 10. \"As this attack is conducted by legitimate, authenticated users, there is no viable mitigation that also allows users access to the Configuration utility. The only mitigation is to remove access for users who are not completely trusted,\" the company said.\n\nThe other major vulnerabilities resolved by F5 are listed below -\n\n * **CVE-2021-23025** (CVSS score: 7.2) - Authenticated remote command execution vulnerability in BIG-IP Configuration utility\n * **CVE-2021-23026** (CVSS score: 7.5) - Cross-site request forgery (CSRF) vulnerability in iControl SOAP\n * **CVE-2021-23027 and CVE-2021-23037** (CVSS score: 7.5) - TMUI DOM-based and reflected cross-site scripting (XSS) vulnerabilities\n * **CVE-2021-23028** (CVSS score: 7.5) - BIG-IP Advanced WAF and ASM vulnerability\n * **CVE-2021-23029** (CVSS score: 7.5) - BIG-IP Advanced WAF and ASM TMUI vulnerability\n * **CVE-2021-23030 and CVE-2021-23033** (CVSS score: 7.5) - BIG-IP Advanced WAF and ASM Websocket vulnerabilities\n * **CVE-2021-23032** (CVSS score: 7.5) - BIG-IP DNS vulnerability\n * **CVE-2021-23034, CVE-2021-23035, and CVE-2021-23036** (CVSS score: 7.5) - Traffic Management Microkernel vulnerabilities\n\nAdditionally, F5 has also patched a number of flaws that range from directory traversal vulnerability and SQL injection to open redirect vulnerability and cross-site request forgery, as well as a MySQL database flaw that results in the database consuming more storage space than expected when brute-force protection features of the firewall are enabled.\n\nWith F5 devices often becoming [juicy](<https://thehackernews.com/2020/07/f5-big-ip-application-security.html>) [targets](<https://thehackernews.com/2021/03/latest-f5-big-ip-bug-under-active.html>) for active exploitation attempts by threat actors, it's highly recommended that users and administrators install updated software or apply the necessary mitigations as soon as possible. \n\n \n\n\nFound this article interesting? Follow THN on [Facebook](<https://www.facebook.com/thehackernews>), [Twitter _\uf099_](<https://twitter.com/thehackersnews>) and [LinkedIn](<https://www.linkedin.com/company/thehackernews/>) to read more exclusive content we post.\n", "published": "2021-08-26T11:51:00", "modified": "2021-08-27T07:48:49", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.1}, "severity": "HIGH", "exploitabilityScore": 8.6, "impactScore": 6.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.9, "baseSeverity": "CRITICAL"}, "exploitabilityScore": 3.1, "impactScore": 6.0}, "href": "https://thehackernews.com/2021/08/f5-releases-critical-security-patches.html", "reporter": "The Hacker News", "references": [], "cvelist": ["CVE-2021-23025", "CVE-2021-23026", "CVE-2021-23027", "CVE-2021-23028", "CVE-2021-23029", "CVE-2021-23030", "CVE-2021-23031", "CVE-2021-23032", "CVE-2021-23033", "CVE-2021-23034", "CVE-2021-23035", "CVE-2021-23036", "CVE-2021-23037"], "immutableFields": [], "lastseen": "2022-05-09T12:37:23", "viewCount": 79, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2021-23025", "CVE-2021-23026", "CVE-2021-23027", "CVE-2021-23028", "CVE-2021-23029", "CVE-2021-23030", "CVE-2021-23031", "CVE-2021-23032", "CVE-2021-23033", "CVE-2021-23034", "CVE-2021-23035", "CVE-2021-23036", "CVE-2021-23037"]}, {"type": "f5", "idList": ["F5:K00602225", "F5:K05043394", "F5:K05314769", "F5:K21435974", "F5:K24301698", "F5:K30523121", "F5:K41351250", "F5:K42051445", "F5:K45407662", "F5:K50974556", "F5:K52420610", "F5:K53854428", "F5:K55543151", "F5:K70415522"]}, {"type": "nessus", "idList": ["F5_BIGIP_SOL05043394.NASL", "F5_BIGIP_SOL05314769.NASL", "F5_BIGIP_SOL21435974.NASL", "F5_BIGIP_SOL41351250.NASL", "F5_BIGIP_SOL42051445.NASL", "F5_BIGIP_SOL52420610.NASL", "F5_BIGIP_SOL55543151.NASL"]}, {"type": "threatpost", "idList": ["THREATPOST:3132894F3650D97BBD8B8F473D9F1F4E"]}], "rev": 4}, "score": {"value": 1.4, "vector": "NONE"}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2021-23025", "CVE-2021-23026", "CVE-2021-23027", "CVE-2021-23028", "CVE-2021-23029", "CVE-2021-23030", "CVE-2021-23031", "CVE-2021-23032", "CVE-2021-23033", "CVE-2021-23034", "CVE-2021-23035", "CVE-2021-23036", "CVE-2021-23037"]}, {"type": "f5", "idList": ["F5:K00602225", "F5:K05043394", "F5:K05314769", "F5:K21435974", "F5:K24301698", "F5:K30523121", "F5:K41351250", "F5:K42051445", "F5:K45407662", "F5:K50974556", "F5:K52420610", "F5:K53854428", "F5:K55543151", "F5:K70415522"]}, {"type": "nessus", "idList": ["F5_BIGIP_SOL05043394.NASL", "F5_BIGIP_SOL05314769.NASL", "F5_BIGIP_SOL41351250.NASL", "F5_BIGIP_SOL42051445.NASL", "F5_BIGIP_SOL52420610.NASL"]}, {"type": "threatpost", "idList": ["THREATPOST:3132894F3650D97BBD8B8F473D9F1F4E"]}]}, "exploitation": null, "vulnersScore": 1.4}, "_state": {"dependencies": 1659911869, "score": 1659847081}, "_internal": {"score_hash": "5158a1bfee3fb20c378c900d2b4736bd"}}

{"threatpost": [{"lastseen": "2021-08-26T23:21:16", "description": "Application delivery and networking firm F5 released a baker\u2019s dozen of 13 fixes for high-severity bugs, including one that could lead to complete system takeover and hence is boosted to \u201ccritical\u201d for customers that run BIG-IP in Appliance Mode, given that an attacker that holds valid credentials can bypass Appliance Mode restrictions.\n\nF5 \u2013 maker of near-ubiquitously installed enterprise networking gear \u2013 released nearly 30 vulnerabilities for multiple devices in its [August security updates](<https://support.f5.com/csp/article/K50974556>).\n\nThe worst of the bunch is tracked as [CVE-2021-23031](<https://support.f5.com/csp/article/K41351250>) and affects BIG-IP modules Advanced WAF (Web Application Firewall) and the Application Security Manager (ASM) \u2013 specifically, the Traffic Management User Interface (TMUI).\n\n[![Infosec Insiders Newsletter](https://media.threatpost.com/wp-content/uploads/sites/103/2021/07/10165815/infosec_insiders_in_article_promo.png)](<https://threatpost.com/infosec-insider-subscription-page/?utm_source=ART&utm_medium=ART&utm_campaign=InfosecInsiders_Newsletter_Promo/>)\n\nF5 said that when the vulnerability is exploited, \u201can authenticated attacker with access to the Configuration utility can execute arbitrary system commands, create or delete files, and/or disable services,\u201d potentially leading to \u201ccomplete system compromise.\u201d\n\nCVE-2021-23031 normally entails a high rating of 8.8 severity, but that gets jacked up to 9.9 for just those customers that are using [Appliance mode](<https://support.f5.com/csp/article/K12815>). The Appliance mode adds technical restrictions and is designed to meet the needs of customers in \u201cespecially sensitive sectors\u201d by \u201climiting the BIG-IP system administrative access to match that of a typical network appliance and not a multi-user UNIX device.\u201d\n\nF5 lists a number of products that contain the affected code but aren\u2019t vulnerable, given that attackers can\u2019t exploit the code in default, standard or recommended configurations. F5 noted that there are a limited number of customers using it in the mode \u2013 i.e., Appliance mode \u2013 that elevates the vulnerability\u2019s CVSSv3 severity score to 9.9 (critical).\n\n## No Viable Mitigation\n\nF5 said that there\u2019s \u201cno viable mitigation\u201d that also allows users access to the Configuration utility, given that this attack can be pulled off by legitimate, authenticated users. The only way to mitigate is to pull the access of any users who aren\u2019t \u201ccompletely trusted,\u201d according to the advisory.\n\nCustomers who can\u2019t install a fixed version right off the bat can use the following temporary mitigations, which restrict access to the Configuration utility to only trusted networks or devices and thereby limit the attack surface:\n\n * [Block Configuration utility access through self IP addresses](<https://support.f5.com/csp/article/K41351250#proc1>)\n * [Block Configuration utility access through the management interface](<https://support.f5.com/csp/article/K41351250#proc2>)\n\nMichael Haugh, Vice President at network automation provider Gluware, told Threatpost that known vulnerabilities are challenging to respond to quickly or to mitigate speedily: As it is, network operation crews are \u201cunder the gun to keep the network highly available, secure and delivering the required performance for the business applications,\u201d he said. \u201cVendor vulnerabilities that require an OS Upgrade or patch can be very labor-intensive and potentially disruptive.\u201d\n\nVia email, Haugh observed that when it comes to a load balancer like F5, redundancy \u201cmust be part of the device\u201d and traffic \u201cmust be re-directed off an active device, taking it out of service to perform an upgrade.\u201d\n\nNot just once, mind you, but, often, multiple times: \u201cThis process often has to be repeated over dozens or even hundreds of devices depending on the organization. Having automated processes to pre-check, stage the image, gracefully execute the upgrades and complete post-checks can significantly improve the ability for NetOps to respond and execute a low-risk upgrade.\u201d\n\n## The Other Dozen Bugs\n\nBesides the critical CVE-2021-23031 flaw, the dozen high-severity security bugs addressed in this month\u2019s patch release and listed in the table below have risk scores of between 7.2 and 7.5. The flaws include authenticated remote command execution (RCE), cross-site scripting (XSS) and request forgery, as well as insufficient permission and denial-of-service (DOS).\n\nHalf of them affect all modules, five impact the Advanced WAF and ASM, and one affects the DNS module.\n\nCVE / Bug ID | Severity | CVSS score | Affected products | Affected versions | Fixes introduced in \n---|---|---|---|---|--- \n[CVE-2021-23025](<https://support.f5.com/csp/article/K55543151>) | High | 7.2 | BIG-IP (all modules) | 15.0.0 \u2013 15.1.0 \n14.1.0 \u2013 14.1.3 \n13.1.0 \u2013 13.1.3 \n12.1.0 \u2013 12.1.6 \n11.6.1 \u2013 11.6.5 | 16.0.0 \n15.1.0.5 \n14.1.3.1 \n13.1.3.5 \n[CVE-2021-23026](<https://support.f5.com/csp/article/K53854428>) | High | 7.5 | BIG-IP (all modules) | 16.0.0 \u2013 16.0.1 \n15.1.0 \u2013 15.1.2 \n14.1.0 \u2013 14.1.4 \n13.1.0 \u2013 13.1.4 \n12.1.0 \u2013 12.1.6 \n11.6.1 \u2013 11.6.5 | 16.1.0 \n16.0.1.2 \n15.1.3 \n14.1.4.2 \n13.1.4.1 \nBIG-IQ | 8.0.0 \u2013 8.1.0 \n7.0.0 \u2013 7.1.0 \n6.0.0 \u2013 6.1.0 | None \n[CVE-2021-23027](<https://support.f5.com/csp/article/K24301698>) | High | 7.5 | BIG-IP (all modules) | 16.0.0 \u2013 16.0.1 \n15.1.0 \u2013 15.1.2 \n14.1.0 \u2013 14.1.4 | 16.1.0 \n16.0.1.2 \n15.1.3.1 \n14.1.4.3 \n[CVE-2021-23028](<https://support.f5.com/csp/article/K00602225>) | High | 7.5 | BIG-IP (Advanced WAF, ASM) | 16.0.0 \u2013 16.0.1 \n15.1.0 \u2013 15.1.3 \n14.1.0 \u2013 14.1.4 \n13.1.0 \u2013 13.1.3 | 16.1.0 \n16.0.1.2 \n15.1.3.1 \n14.1.4.2 \n13.1.4 \n[CVE-2021-23029](<https://support.f5.com/csp/article/K52420610>) | High | 7.5 | BIG-IP (Advanced WAF, ASM) | 16.0.0 \u2013 16.0.1 | 16.1.0 \n16.0.1.2 \n[CVE-2021-23030](<https://support.f5.com/csp/article/K42051445>) | High | 7.5 | BIG-IP (Advanced WAF, ASM) | 16.0.0 \u2013 16.0.1 \n15.1.0 \u2013 15.1.3 \n14.1.0 \u2013 14.1.4 \n13.1.0 \u2013 13.1.4 \n12.1.0 \u2013 12.1.6 | 16.1.0 \n16.0.1.2 \n15.1.3.1 \n14.1.4.3 \n13.1.4.1 \n[CVE-2021-23031](<https://support.f5.com/csp/article/K41351250>) | High \n\n\u2014\n\nCritical \u2013 Appliance mode only\n\n| 8.8 \n\n\u2014\n\n9.9\n\n| BIG-IP (Advanced WAF, ASM) | 16.0.0 \u2013 16.0.1 \n15.1.0 \u2013 15.1.2 \n14.1.0 \u2013 14.1.4 \n13.1.0 \u2013 13.1.3 \n12.1.0 \u2013 12.1.5 \n11.6.1 \u2013 11.6.5 | 16.1.0 \n16.0.1.2 \n15.1.3 \n14.1.4.1 \n13.1.4 \n12.1.6 \n11.6.5.3 \n[CVE-2021-23032](<https://support.f5.com/csp/article/K45407662>) | High | 7.5 | BIG-IP (DNS) | 16.0.0 \u2013 16.0.1 \n15.1.0 \u2013 15.1.3 \n14.1.0 \u2013 14.1.4 \n13.1.0 \u2013 13.1.4 \n12.1.0 \u2013 12.1.6 | 16.1.0 \n15.1.3.1 \n14.1.4.4 \n[CVE-2021-23033](<https://support.f5.com/csp/article/K05314769>) | High | 7.5 | BIG-IP (Advanced WAF, ASM) | 16.0.0 \u2013 16.0.1 \n15.1.0 \u2013 15.1.3 \n14.1.0 \u2013 14.1.4 \n13.1.0 \u2013 13.1.4 \n12.1.0 \u2013 12.1.6 | 16.1.0 \n15.1.3.1 \n14.1.4.3 \n13.1.4.1 \n[CVE-2021-23034](<https://support.f5.com/csp/article/K30523121>) | High | 7.5 | BIG-IP (all modules) | 16.0.0 \u2013 16.0.1 \n15.1.0 \u2013 15.1.3 | 16.1.0 \n15.1.3.1 \n[CVE-2021-23035](<https://support.f5.com/csp/article/K70415522>) | High | 7.5 | BIG-IP (all modules) | 14.1.0 \u2013 14.1.4 | 14.1.4.4 \n[CVE-2021-23036](<https://support.f5.com/csp/article/K05043394>) | High | 7.5 | BIG-IP (Advanced WAF, ASM, DataSafe) | 16.0.0 \u2013 16.0.1 | 16.1.0 \n16.0.1.2 \n[CVE-2021-23037](<https://support.f5.com/csp/article/K21435974>) | High | 7.5 | BIG-IP (all modules) | 16.0.0 \u2013 16.1.0 \n15.1.0 \u2013 15.1.3 \n14.1.0 \u2013 14.1.4 \n13.1.0 \u2013 13.1.4 \n12.1.0 \u2013 12.1.6 \n11.6.1 \u2013 11.6.5 | None \n \n## CISA Security Advisory\n\nThe Cybersecurity and Infrastructure Security Agency (CISA) issued a [security advisory](<https://us-cert.cisa.gov/ncas/current-activity/2021/08/25/f5-releases-august-2021-security-advisory>) encouraging users and admins to review [F5\u2019s security advisory](<https://support.f5.com/csp/article/K50974556>) and to update the software or to apply mitigations ASAP.\n\n\u201cDon\u2019t delay\u201d is, of course, good advice when it comes to F5 equipment, given that the company\u2019s enterprise networking can be found in some of the largest tech companies in the world, including Facebook, Microsoft and Oracle. It\u2019s also found in the halls of a trove of Fortune 500 companies, including some of the world\u2019s biggest financial institutions and ISPs.\n\n## F5: Prime Pickings for Pests\n\nAll that gear is also gleefully picked apart by attackers. Case in point: [CVE 2020-5902](<https://threatpost.com/patch-critical-f5-flaw-active-attack/157164/>), a critical vulnerability in F5 Networks\u2019 BIG-IP advanced delivery controller networking devices that, as of July 2020, was being exploited by attackers to scrape credentials, launch malware and more, was recently featured in [CISA\u2019s list of top 30 bugs](<https://threatpost.com/cisa-top-bugs-old-enough-to-buy-beer/168247/>) \u201croutinely\u201d exploited in 2020 and into this year.\n\nJonathan Chua, application security consultant at app security provider nVisium, noted that F5 Big IP has been targeted by security researchers and adversaries due to the product\u2019s vulnerable, external nature. \u201cSeveral F5 application services can be hosted externally, allowing any internet user to attempt to connect to the service,\u201d he told Threatpost on Thusday. \u201cDue to the ease of accessibility and the amount of publicly known vulnerabilities associated with F5 applications, the service becomes a prime target for adversaries to break into a company\u2019s network via the external perimeter.\u201d\n\nHe pointed to the F5 Traffic Management User Interface (TMUI), which is [being actively exploited](<https://threatpost.com/critical-f5-big-ip-flaw-now-under-active-attack/164940/>), as one example. The service is often available on a company\u2019s external perimeter and contains a critical RCE vulnerability, he noted. \u201cAs a result, if the service is exploited, such service may provide external attackers an initial foothold in a company\u2019s internal network,\u201d Chua said in an email.\n\n082621 13:48 UPDATE: Added input from Jonathan Chua and Michael Haugh.\n\n_**Check out our free **_[_**upcoming live and on-demand webinar events**_](<https://threatpost.com/category/webinars/>)_** \u2013 unique, dynamic discussions with cybersecurity experts and the Threatpost community.**_\n", "cvss3": {}, "published": "2021-08-26T16:40:38", "type": "threatpost", "title": "F5 Bug Could Lead to Complete System Takeover", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2021-23025", "CVE-2021-23026", "CVE-2021-23027", "CVE-2021-23028", "CVE-2021-23029", "CVE-2021-23030", "CVE-2021-23031", "CVE-2021-23032", "CVE-2021-23033", "CVE-2021-23034", "CVE-2021-23035", "CVE-2021-23036", "CVE-2021-23037"], "modified": "2021-08-26T16:40:38", "id": "THREATPOST:3132894F3650D97BBD8B8F473D9F1F4E", "href": "https://threatpost.com/f5-critical-bug-system-takeover/168952/", "cvss": {"score": 0.0, "vector": "NONE"}}], "f5": [{"lastseen": "2022-04-20T05:39:24", "description": "On August 24, 2021, F5 announced the following security issues. This document is intended to serve as an overview of these vulnerabilities and security exposures to help determine the impact to your F5 devices. You can find the details of each issue in the associated security advisory.\n\nHigh CVEs\n\n * [K55543151: BIG-IP TMUI vulnerability CVE-2021-23025](<https://support.f5.com/csp/article/K55543151>)\n\nCVSS score: 7.2 (High)\n\nAn authenticated remote command execution vulnerability exists in the BIG-IP Configuration utility.\n\n * [K53854428: iControl SOAP vulnerability CVE-2021-23026](<https://support.f5.com/csp/article/K53854428>)\n\nCVSS score: 7.5 (High)\n\nBIG-IP and BIG-IQ are vulnerable to cross-site request forgery (CSRF) attacks through iControl SOAP.\n\n * [K24301698: TMUI XSS vulnerability CVE-2021-23027](<https://support.f5.com/csp/article/K24301698>)\n\nCVSS score: 7.5 (High)\n\nA DOM based cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user.\n\n * [K00602225: BIG-IP Advanced WAF and ASM vulnerability CVE-2021-23028](<https://support.f5.com/csp/article/K00602225>)\n\nCVSS score: 7.5 (High)\n\nWhen JSON content profiles are configured for URLs as part of an F5 Advanced Web Application Firewall (WAF)/BIG-IP ASM security policy and applied to a virtual server, undisclosed requests may cause the BIG-IP ASM bd process to terminate.\n\n * [K52420610: BIG-IP Advanced WAF and ASM TMUI vulnerability CVE-2021-23029](<https://support.f5.com/csp/article/K52420610>)\n\nCVSS score: 7.5 (High)\n\nInsufficient permission checks may allow authenticated users with guest privileges to perform Server-Side Request Forgery (SSRF) attacks through F5 Advanced Web Application Firewall (WAF) and the BIG-IP ASM Configuration utility.\n\n * [K42051445: BIG-IP Advanced WAF and ASM Websocket vulnerability CVE-2021-23030](<https://support.f5.com/csp/article/K42051445>)\n\nCVSS score: 7.5 (High)\n\nWhen a WebSocket profile is configured on a virtual server, undisclosed requests can cause bd to terminate.\n\n * [K41351250: BIG-IP Advanced WAF and ASM TMUI vulnerability CVE-2021-23031](<https://support.f5.com/csp/article/K41351250>)\n\nCVSS score: 8.8 (High) / 9.9 (Appliance Mode Only) \n**Note**: The limited number of customers using Appliance Mode will have Scope: Changed, which raises the CVSSv3 score to 9.9. For information on Appliance mode, refer to [K12815: Overview of Appliance mode](<https://support.f5.com/csp/article/K12815>).\n\nAn authenticated user may perform a privilege escalation on BIG-IP Advanced WAF and ASM TMUI.\n\n * [K45407662: BIG-IP DNS vulnerability CVE-2021-23032](<https://support.f5.com/csp/article/K45407662>)\n\nCVSS score: 7.5 (High)\n\nWhen a BIG-IP DNS system is configured with non-default Wide IP and pool settings, undisclosed DNS responses can cause the Traffic Management Microkernel (TMM) to terminate.\n\n * [K05314769: BIG-IP Advanced WAF and ASM Websocket vulnerability CVE-2021-23033](<https://support.f5.com/csp/article/K05314769>)\n\nCVSS score: 7.5 (High)\n\nWhen a WebSocket profile is configured on a virtual server, undisclosed requests can cause bd to terminate.\n\n * [K30523121: BIG-IP TMM vulnerability CVE-2021-23034](<https://support.f5.com/csp/article/K30523121>)\n\nCVSS score: 7.5 (High)\n\nWhen a DNS profile using a DNS cache resolver is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) process to terminate.\n\n * [K70415522: TMM vulnerability CVE-2021-23035](<https://support.f5.com/csp/article/K70415522>)\n\nCVSS score: 7.5 (High)\n\nWhen an HTTP profile is configured on a virtual server, after a specific sequence of packets, chunked responses can cause the Traffic Management Microkernel (TMM) to terminate.\n\n * [K05043394: TMM vulnerability CVE-2021-23036](<https://support.f5.com/csp/article/K05043394>)\n\nCVSS score: 7.5 (High)\n\nWhen a BIG-IP ASM and DataSafe profile are configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate.\n\n * [K21435974: TMUI XSS vulnerability CVE-2021-23037](<https://support.f5.com/csp/article/K21435974>)\n\nCVSS score: 7.5 (High)\n\nA reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user.\n\nMedium CVEs\n\n * [K61643620: BIG-IP TMUI XSS vulnerability CVE-2021-23038](<https://support.f5.com/csp/article/K61643620>)\n\nCVSS score: 6.8 (Medium)\n\nA stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user.\n\n * [K66782293: TMM vulnerability CVE-2021-23039](<https://support.f5.com/csp/article/K66782293>)\n\nCVSS score: 6.5 (Medium)\n\nWhen IPSec is configured on a BIG-IP system, undisclosed requests from an authorized remote (IPSec) peer, which already has a negotiated Security Association, can cause the Traffic Management Microkernel (TMM) to terminate.\n\n * [K94255403: BIG-IP AFM vulnerability CVE-2021-23040](<https://support.f5.com/csp/article/K94255403>)\n\nCVSS score: 5.4 (Medium)\n\nA SQL injection vulnerability exists in an undisclosed page of the BIG-IP Configuration utility. This issue is exposed only when BIG-IP AFM is provisioned.\n\n * [K42526507: BIG-IP TMUI vulnerability CVE-2021-23041](<https://support.f5.com/csp/article/K42526507>)\n\nCVSS score: 4.7 (Medium)\n\nA DOM based cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to execute JavaScript in the context of the current logged-in user.\n\n * [K93231374: BIG-IP HTTP vulnerability CVE-2021-23042](<https://support.f5.com/csp/article/K93231374>)\n\nCVSS score: 5.3 (Medium)\n\nWhen an HTTP profile is configured on a virtual server, undisclosed requests can cause a significant increase in system resource utilization.\n\n * [K63163637: BIG-IP TMUI vulnerability CVE-2021-23043](<https://support.f5.com/csp/article/K63163637>)\n\nCVSS score: 4.3 (Medium)\n\nA directory traversal vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to access arbitrary files.\n\n * [K35408374: BIG-IP compression driver vulnerability CVE-2021-23044](<https://support.f5.com/csp/article/K35408374>)\n\nCVSS score: 5.9 (Medium)\n\nWhen the Intel QuickAssist Technology (QAT) compression driver is used on affected BIG-IP hardware and BIG-IP Virtual Edition (VE) platforms, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate.\n\n * [K94941221: TMM SCTP vulnerability CVE-2021-23045](<https://support.f5.com/csp/article/K94941221>)\n\nCVSS score: 5.3 (Medium)\n\nWhen an SCTP profile with multiple paths is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate.\n\n * [K70652532: F5 BIG-IP Guided Configuration logging vulnerability CVE-2021-23046](<https://support.f5.com/csp/article/K70652532>)\n\nCVSS score: 4.9 (Medium)\n\nWhen a configuration that contains secure properties is created and deployed from Access Guided Configuration (AGC), secure properties are logged in restnoded logs.\n\n * [K79428827: BIG-IP APM OCSP vulnerability CVE-2021-23047](<https://support.f5.com/csp/article/K79428827>)\n\nCVSS score: 5.3 (Medium)\n\nWhen BIG-IP APM performs Online Certificate Status Protocol (OCSP) verification of a certificate that contains Authority Information Access (AIA), undisclosed requests may cause an increase in memory use.\n\n * [K19012930: TMM GTP vulnerability CVE-2021-23048](<https://support.f5.com/csp/article/K19012930>)\n\nCVSS score: 5.9 (Medium)\n\nWhen GPRS Tunneling Protocol (GTP) iRules commands or a GTP profile is configured on a virtual server, undisclosed GTP messages can cause the Traffic Management Microkernel (TMM) to terminate.\n\n * [K65397301: iRule RESOLVER::summarize memory leak vulnerability CVE-2021-23049](<https://support.f5.com/csp/article/K65397301>)\n\nCVSS score: 5.3 (Medium)\n\nWhen the iRules RESOLVER::summarize command is used on a virtual server, undisclosed requests can cause an increase in Traffic Management Microkernel (TMM) memory utilization resulting in an out-of-memory condition and a denial-of-service (DoS).\n\n * [K44553214: Web application firewall vulnerability CVE-2021-23050](<https://support.f5.com/csp/article/K44553214>)\n\nCVSS score: 5.9 (Medium)\n\nWhen a cross-site request forgery (CSRF)-enabled policy is configured on a virtual server, an undisclosed HTML response may cause the BIG-IP ASM bd process to terminate.\n\n * [K01153535: BIG-IP AWS vulnerability CVE-2021-23051](<https://support.f5.com/csp/article/K01153535>)\n\nCVSS score: 5.9 (Medium)\n\nWhen the Data Plane Development Kit (DPDK)/Elastic Network Adapter (ENA) driver is used with BIG-IP on Amazon Web Services (AWS) systems, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. This is due to an incomplete fix for CVE-2020-5862.\n\n * [K32734107: BIG-IP APM vulnerability CVE-2021-23052](<https://support.f5.com/csp/article/K32734107>)\n\nCVSS score: 6.1 (Medium)\n\nAn open redirect vulnerability exists on virtual servers enabled with a BIG-IP APM access policy. This vulnerability allows an unauthenticated malicious user to build an open redirect URI.\n\nLow CVEs\n\n * [K36942191: BIG-IP Advanced WAF and ASM MySQL database vulnerability CVE-2021-23053](<https://support.f5.com/csp/article/K36942191>)\n\nCVSS score: 3.7 (Low)\n\nWhen the brute force protection feature of ASM/Adv WAF is enabled on a virtual server and the virtual server is under brute force attack, the MySQL database may run out of disk space due to lack of row limit on undisclosed tables in the MYSQL database.\n\nSecurity Exposures\n\n * [K14903688: BIG-IP SSL Profile OCSP Authentication security exposure](<https://support.f5.com/csp/article/K14903688>)\n\nThe BIG-IP system does not properly verify the revocation of intermediate CA certificates when querying Online Certificate Status Protocol (OCSP) servers and may allow unauthorized connections.\n\n * [K49549213: The BIG-IP Advanced WAF and ASM brute force mitigation may fail when receiving a specially crafted request](<https://support.f5.com/csp/article/K49549213>)\n\nF5 Advanced Web Application Firewall (WAF) and BIG-IP ASM brute force mitigation may fail.\n\n * [K48321015: The BIG-IP Advanced WAF and ASM systems may fail to correctly enforce HTML form login pages](<https://support.f5.com/csp/article/K48321015>)\n\nThe BIG-IP Advanced WAF and ASM systems may fail to correctly enforce HTML form login pages when the request contains an incorrectly formatted parameter. This issue occurs when the security policy includes a configuration that enables brute force protection for the HTML form login page.\n\n * [K30150004: The attack signature check may fail to detect and block malicious requests](<https://support.f5.com/csp/article/K30150004>)\n\nThe attack signature check may fail to detect and block malicious request containing certain decimal-coded characters.\n\n * [K30291321: The attack signature check may fail to detect and block illegal requests.](<https://support.f5.com/csp/article/K30291321>)\n\nThe attack signature check may fail to detect and block illegal requests.\n\n * [K05391775: The BIG-IP ASM system may not properly perform attack signature checks](<https://support.f5.com/csp/article/K05391775>)\n\nThe BIG-IP ASM system may not properly perform attack signature checks on request and response content.\n\nThe following table provides key information for each vulnerability to assist in determining which are pertinent to your network.\n\n**Note**: For security and sustainability, your best update choice is the latest maintenance release of a Long-Term Stability Release version.\n\n * Long-Term Stability Release versions have 1 for their minor release number (x.1.x), and they are not available for a period of time after a major release (x.0.x).\n * The latest maintenance release of a Long-Term Stability Release version (x.1.latest) can be between x.1.0 and x.1.n.\n\nUpdating to maintenance or point releases (x.1.x.x) for a Long-Term Stability Release version does not introduce changes in existing default behavior.\n\nF5 recommends that you update or upgrade your BIG-IP appliances to at least BIG-IP 14.1.0 and your BIG-IP VEs to at least BIG-IP 15.1.0. For more information, see the release notes for [BIG-IP 14.1.0](<https://techdocs.f5.com/kb/en-us/products/big-ip_ltm/releasenotes/product/relnote-bigip-14-1-0.html>) and [BIG-IP 15.1.0](<https://techdocs.f5.com/kb/en-us/products/big-ip_ltm/releasenotes/product/relnote-bigip-15-1-0.html>).\n\nHigh CVEs\n\nCVE / Bug ID | Severity | CVSS score | Affected products | Affected versions1 | Fixes introduced in \n---|---|---|---|---|--- \n[CVE-2021-23025](<https://support.f5.com/csp/article/K55543151>) | High | 7.2 | BIG-IP (all modules) | 15.0.0 - 15.1.0 \n14.1.0 - 14.1.3 \n13.1.0 - 13.1.3 \n12.1.0 - 12.1.6 \n11.6.1 - 11.6.5 | 16.0.0 \n15.1.0.5 \n14.1.3.1 \n13.1.3.5 \n[CVE-2021-23026](<https://support.f5.com/csp/article/K53854428>) | High | 7.5 | BIG-IP (all modules) | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.2 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 \n11.6.1 - 11.6.5 | 16.1.0 \n16.0.1.2 \n15.1.3 \n14.1.4.2 \n13.1.4.1 \nBIG-IQ | 8.0.0 - 8.1.0 \n7.0.0 - 7.1.0 \n6.0.0 - 6.1.0 | None \n[CVE-2021-23027](<https://support.f5.com/csp/article/K24301698>) | High | 7.5 | BIG-IP (all modules) | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.2 \n14.1.0 - 14.1.4 | 16.1.0 \n16.0.1.2 \n15.1.3.1 \n14.1.4.3 \n[CVE-2021-23028](<https://support.f5.com/csp/article/K00602225>) | High | 7.5 | BIG-IP (Advanced WAF, ASM) | 16.0.1 \n15.1.1 - 15.1.3 \n14.1.3.1 - 14.1.4.1 \n13.1.3.5 - 13.1.3.6 | 16.1.0 \n16.0.1.2 \n15.1.3.1 \n14.1.4.2 \n13.1.4 \n[CVE-2021-23029](<https://support.f5.com/csp/article/K52420610>) | High | 7.5 | BIG-IP (Advanced WAF, ASM) | 16.0.0 - 16.0.1 | 16.1.0 \n16.0.1.2 \n[CVE-2021-23030](<https://support.f5.com/csp/article/K42051445>) | High | 7.5 | BIG-IP (Advanced WAF, ASM) | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.3 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 | 16.1.0 \n16.0.1.2 \n15.1.3.1 \n14.1.4.3 \n13.1.4.1 \n[CVE-2021-23031](<https://support.f5.com/csp/article/K41351250>) | \n\nHigh\n\n\\--\n\nCritical - Appliance mode only2\n\n| \n\n8.8\n\n\\--\n\n9.92\n\n| BIG-IP (Advanced WAF, ASM) | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.2 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.3 \n12.1.0 - 12.1.5 \n11.6.1 - 11.6.5 | 16.1.0 \n16.0.1.2 \n15.1.3 \n14.1.4.1 \n13.1.4 \n12.1.6 \n11.6.5.3 \n[CVE-2021-23032](<https://support.f5.com/csp/article/K45407662>) | High | 7.5 | BIG-IP (DNS) | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.3 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 | 16.1.0 \n15.1.3.1 \n14.1.4.4 \n13.1.5 \n[CVE-2021-23033](<https://support.f5.com/csp/article/K05314769>) | High | 7.5 | BIG-IP (Advanced WAF, ASM) | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.3 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 | 16.1.0 \n15.1.3.1 \n14.1.4.3 \n13.1.4.1 \n[CVE-2021-23034](<https://support.f5.com/csp/article/K30523121>)3 | High | 7.5 | BIG-IP (all modules) | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.3 | 16.1.0 \n15.1.3.1 \n[CVE-2021-23035](<https://support.f5.com/csp/article/K70415522>) | High | 7.5 | BIG-IP (all modules) | 14.1.0 - 14.1.4 | 14.1.4.4 \n[CVE-2021-23036](<https://support.f5.com/csp/article/K05043394>) | High | 7.5 | BIG-IP (Advanced WAF, ASM, DataSafe) | 16.0.0 - 16.0.1 | 16.1.0 \n16.0.1.2 \n[CVE-2021-23037](<https://support.f5.com/csp/article/K21435974>) | High | 7.5 | BIG-IP (all modules) | 16.0.0 - 16.1.1 \n15.1.0 - 15.1.4 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 \n11.6.1 - 11.6.5 | 16.1.2 \n15.1.4.1 \n14.1.4.5 \n13.1.5 \n[CVE-2021-23038](<https://support.f5.com/csp/article/K61643620>) | Medium | 6.8 | BIG-IP (all modules) | 16.0.0 - 16.0.1 \n15.0.0 - 15.1.3 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 | 16.1.0 \n16.0.1.2 \n15.1.3.1 \n14.1.4.2 \n13.1.4.1 \n[CVE-2021-23039](<https://support.f5.com/csp/article/K66782293>) | Medium | 6.5 | BIG-IP (all modules) | 16.0.0 - 16.0.1 \n15.0.0 - 15.1.2 \n14.1.0 - 14.1.2 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 | 16.1.0 \n16.0.1.2 \n15.1.3 \n14.1.2.8 \n13.1.5 \n[CVE-2021-23040](<https://support.f5.com/csp/article/K94255403>) | Medium | 5.4 | BIG-IP AFM | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.2 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.3 \n12.1.0 - 12.1.6 | 16.1.0 \n16.0.1.2 \n15.1.3 \n14.1.4.2 \n13.1.4.1 \n[CVE-2021-23041](<https://support.f5.com/csp/article/K42526507>) | Medium | 4.7 | BIG-IP (all modules) | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.2 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 | 16.1.0 \n16.0.1.2 \n15.1.3 \n14.1.4.2 \n13.1.4.1 \n[CVE-2021-23042](<https://support.f5.com/csp/article/K93231374>) | Medium | 5.3 | BIG-IP (all modules) | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.2 \n14.1.0 - 14.1.3 \n13.1.0 - 13.1.3 \n12.1.0 - 12.1.5 | 16.1.0 \n16.0.1.2 \n15.1.3 \n14.1.4 \n13.1.4 \n12.1.6 \n[CVE-2021-23043](<https://support.f5.com/csp/article/K63163637>) | Medium | 4.3 | BIG-IP (all modules) | 16.0.0 - 16.1.1 \n15.1.0 - 15.1.4 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 \n11.6.1 - 11.6.5 | 16.1.2 \n15.1.4.1 \n14.1.4.5 \n13.1.5 \n[CVE-2021-23044](<https://support.f5.com/csp/article/K35408374>) | Medium | 5.9 | BIG-IP (all modules) | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.3 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 \n11.6.1 - 11.6.5 | 16.1.0 \n15.1.3.1 \n14.1.4.2 \n13.1.4.1 \n[CVE-2021-23045](<https://support.f5.com/csp/article/K94941221>) | Medium | 5.3 | BIG-IP (all modules) | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.2 \n14.1.0 - 14.1.3 \n13.1.0 - 13.1.3 \n12.1.0 - 12.1.5 | 16.1.0 \n16.0.1.2 \n15.1.3.1 \n14.1.4.3 \n13.1.4.1 \n[CVE-2021-23046](<https://support.f5.com/csp/article/K70652532>) | Medium | 4.9 | BIG-IP (Guided Configuration) | 7.0 \n6.0 \n5.0 \n4.1 \n3.0 | 8.0 \nBIG-IP APM5 | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.3 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 | 16.1.0 \n[CVE-2021-23047](<https://support.f5.com/csp/article/K79428827>) | Medium | 5.3 | BIG-IP APM | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.3 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 \n11.6.1 - 11.6.5 | 16.1.0 \n15.1.3.1 \n14.1.4.3 \n13.1.5 \n[CVE-2021-23048](<https://support.f5.com/csp/article/K19012930>) | Medium | 5.9 | BIG-IP (all modules) | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.3 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.5 \n11.6.1 - 11.6.5 | 16.1.0 \n16.0.1.2 \n15.1.3.1 \n14.1.4.3 \n13.1.4.1 \n[CVE-2021-23049](<https://support.f5.com/csp/article/K65397301>) | Medium | 5.3 | BIG-IP (all modules) | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.2 | 16.1.0 \n16.0.1.2 \n15.1.3 \n[CVE-2021-23050](<https://support.f5.com/csp/article/K44553214>) | Medium | 5.9 | BIG-IP (Advanced WAF, ASM) | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.3 | 16.1.0 \n16.0.1.2 \n15.1.3.1 \nNGINX App Protect | 3.0.0 - 3.4.0 \n2.0.0 - 2.3.0 \n1.0.0 - 1.3.0 | 3.5.0 \n[CVE-2021-23051](<https://support.f5.com/csp/article/K01153535>) | Medium | 5.9 | BIG-IP (all modules) | 15.1.0.4 - 15.1.3 | 16.0.0 \n15.1.3.1 \n[CVE-2021-23052](<https://support.f5.com/csp/article/K32734107>) | Medium | 6.1 | BIG-IP APM | 14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 | 14.1.4.4 \n13.1.5 \n[CVE-2021-23053](<https://support.f5.com/csp/article/K36942191>) | Low | 3.7 | BIG-IP (Advanced WAF, ASM) | 15.1.0 - 15.1.2 \n14.1.0 - 14.1.3 \n13.1.0 - 13.1.3 | 16.0.0 \n15.1.3 \n14.1.3.1 \n13.1.3.6 \n[ID 889601](<https://support.f5.com/csp/article/K14903688>) | Not applicable | Not applicable | BIG-IP (all modules) | 16.0.0 - 16.0.1 \n15.0.0 - 15.1.2 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.3 | 16.1.0 \n16.0.1.2 \n15.1.3 \n14.1.4 \n13.1.4 \n[ID 928685](<https://support.f5.com/csp/article/K49549213>) | Not applicable | Not applicable | BIG-IP (Advanced WAF, ASM) | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.2 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.3 \n12.1.0 - 12.1.6 \n11.6.1 - 11.6.5 | 16.1.0 \n16.0.1.2 \n15.1.3 \n14.1.4.2 \n13.1.4.1 \n[ID 929001](<https://support.f5.com/csp/article/K48321015>) | Not applicable | Not applicable | BIG-IP (Advanced WAF, ASM) | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.2 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.3 \n12.1.0 - 12.1.5 \n11.6.1 - 11.6.5 | 16.1.0 \n16.0.1.2 \n15.1.3 \n14.1.4.1 \n13.1.4 \n12.1.6 \n11.6.5.3 \n[ID 943913](<https://support.f5.com/csp/article/K30150004>) \n[WAFMC-4566](<https://support.f5.com/csp/article/K30150004>) | Not applicable | Not applicable | BIG-IP (Advanced WAF, ASM) | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.3 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.6 \n11.6.1 - 11.6.5 | 16.1.0 \n16.0.1.2 \n15.1.3.1 \n14.1.4.2 \n13.1.4.1 \nNGINX App Protect | 3.0.0 - 3.4.0 \n2.0.0 - 2.3.0 \n1.0.0 - 1.3.0 | 3.5.0 \n[ID 968421](<https://support.f5.com/csp/article/K30291321>) | Not applicable | Not applicable | BIG-IP (Advanced WAF, ASM) | 16.0.0 - 16.0.1 \n15.1.0 - 15.1.2 \n14.1.0 - 14.1.4 \n13.1.0 - 13.1.4 \n12.1.0 - 12.1.5 \n11.6.1 - 11.6.5 | 16.1.0 \n16.0.1.2 \n15.1.2.1 \n14.1.4.2 \n13.1.4.1 \n12.1.6 \n11.6.5.3 \nNGINX App Protect | 2.0.0 - 2.1.0 \n1.0.0 - 1.3.0 | 2.2.0 \n[ID 987157](<https://support.f5.com/csp/article/K05391775>) | Not applicable | Not applicable | BIG-IP (Advanced WAF, ASM) | 13.1.0 -13.1.4 | 13.1.5 \n \n1F5 evaluates only software versions that have not yet reached the End of Technical Support (EoTS) phase of their lifecycle.\n\n2The limited number of customers using Appliance Mode will have Scope: Changed, which raises the CVSSv3 score to 9.9. For information on Appliance mode, refer to [K12815: Overview of Appliance mode](<https://support.f5.com/csp/article/K12815>).\n\n3The fix for this issue may cause a loss of functionality when the iRule command [RESOLV::lookup](<https://clouddocs.f5.com/api/irules/RESOLV__lookup.html>) is used. The iRule command **RESOLV::lookup** is deprecated as of BIG-IP 15.1.0; F5 recommends that customers update their iRules in favor of the [RESOLVER](<https://clouddocs.f5.com/api/irules/RESOLVER.html>) and [DNSMSG](<https://clouddocs.f5.com/api/irules/DNSMSG.html>) namespaces.\n\nFor more information on the specific conditions that result in a loss of behavior, refer to the following Bug Tracker items:\n\n * [Bug ID 1010697](<https://cdn.f5.com/product/bugtracker/ID1010697.html>)\n * [Bug ID 1037005](<https://cdn.f5.com/product/bugtracker/ID1037005.html>)\n * [Bug ID 1038921](<https://cdn.f5.com/product/bugtracker/ID1038921.html>)\n\n4This issue has been fixed in an engineering hotfix available for supported versions of the BIG-IP system. Customers affected by this issue can request a hotfix from F5 Support on the latest supported versions of the BIG-IP system.\n\n5You can independently upgrade F5 Guided Configuration without upgrading the entire BIG-IP system. To address this vulnerability, you can download and install an F5 Guided Configuration version listed in the **Fixed introduced in** column. For more information on how to upgrade F5 Guided Configuration and its supported upgrade path, refer to [K85454683: Upgrading F5 Guided Configuration on BIG-IP** **](<https://support.f5.com/csp/article/K85454683>)and [K06258575: Supported upgrade path for Guided Configuration](<https://support.f5.com/csp/article/K06258575>).\n", "cvss3": {"exploitabilityScore": 3.1, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 9.9, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-08-24T13:55:00", "type": "f5", "title": "Overview of F5 vulnerabilities (August 2021)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-5862", "CVE-2021-23025", "CVE-2021-23026", "CVE-2021-23027", "CVE-2021-23028", "CVE-2021-23029", "CVE-2021-23030", "CVE-2021-23031", "CVE-2021-23032", "CVE-2021-23033", "CVE-2021-23034", "CVE-2021-23035", "CVE-2021-23036", "CVE-2021-23037", "CVE-2021-23038", "CVE-2021-23039", "CVE-2021-23040", "CVE-2021-23041", "CVE-2021-23042", "CVE-2021-23043", "CVE-2021-23044", "CVE-2021-23045", "CVE-2021-23046", "CVE-2021-23047", "CVE-2021-23048", "CVE-2021-23049", "CVE-2021-23050", "CVE-2021-23051", "CVE-2021-23052", "CVE-2021-23053"], "modified": "2022-04-20T04:11:00", "id": "F5:K50974556", "href": "https://support.f5.com/csp/article/K50974556", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-04-19T03:31:04", "description": "When a BIG-IP DNS system is configured with non-default Wide IP and pool settings, undisclosed DNS responses can cause the Traffic Management Microkernel (TMM) to terminate. ([CVE-2021-23032](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23032>))\n\nImpact\n\nTraffic is disrupted while the TMM process restarts. This vulnerability allows a remote attacker to cause a denial-of-service (DoS) on the BIG-IP system. There is no control plane exposure, this is a data plane issue only.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-24T12:46:00", "type": "f5", "title": "BIG-IP DNS vulnerability CVE-2021-23032", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23032"], "modified": "2022-04-19T02:54:00", "id": "F5:K45407662", "href": "https://support.f5.com/csp/article/K45407662", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-11-28T15:30:30", "description": "When JSON content profiles are configured for URLs as part of an F5 Advanced Web Application Firewall (WAF)/BIG-IP ASM security policy and applied to a virtual server, undisclosed requests may cause the BIG-IP ASM bd process to terminate. ([CVE-2021-23028](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-23028>))\n\nImpact\n\nTraffic is disrupted while the BIG-IP ASM **bd** process restarts. This vulnerability allows a remote attacker to cause a denial-of-service (DoS) on the BIG-IP system. There is no control plane exposure; this is a data plane issue only.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-24T13:05:00", "type": "f5", "title": "Advanced WAF and BIG-IP ASM vulnerability CVE-2021-23028", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23028"], "modified": "2022-07-27T20:19:00", "id": "F5:K00602225", "href": "https://support.f5.com/csp/article/K00602225", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-02-10T00:00:00", "description": "Insufficient permission checks may allow authenticated users with guest privileges to perform Server-Side Request Forgery (SSRF) attacks through F5 Advanced Web Application Firewall (WAF) and the BIG-IP ASM Configuration utility. ([CVE-2021-23029](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-23029>))\n\nImpact\n\nAn attacker with network access to the management interface and authenticated with guest privileges may be able to perform an SSRF attack.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-08-24T12:50:00", "type": "f5", "title": "Advanced WAF and BIG-IP ASM TMUI vulnerability CVE-2021-23029", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23029"], "modified": "2021-09-23T20:32:00", "id": "F5:K52420610", "href": "https://support.f5.com/csp/article/K52420610", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-09-01T12:57:43", "description": "A DOM based cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user. ([CVE-2021-23027](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23027>))\n\nImpact\n\nAn attacker may exploit this vulnerability by causing an authenticated user to submit malicious HTML or JavaScript code in the BIG-IP Configuration utility. If successful, an attacker can run JavaScript in the context of the currently logged-in user. In the case of an administrative user with access to the Advanced Shell (**bash**), an attacker can leverage successful exploitation of this vulnerability to compromise the BIG-IP system.\n", "cvss3": {}, "published": "2021-08-24T12:49:00", "type": "f5", "title": "TMUI XSS vulnerability CVE-2021-23027", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2021-23027"], "modified": "2021-08-24T12:49:00", "id": "F5:K24301698", "href": "https://support.f5.com/csp/article/K24301698", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-02-10T00:00:00", "description": "An authenticated remote command execution vulnerability exists in the BIG-IP Configuration utility. ([CVE-2021-23025](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23025>))\n\nImpact\n\nThis vulnerability may allow an authenticated attacker with network access to the Configuration utility through the BIG-IP management port and/or self IP addresses to execute arbitrary system commands, create or delete files, or disable services. There is no data plane exposure; this is a control plane issue only.\n\nThis vulnerability may result in complete system compromise.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-08-24T13:44:00", "type": "f5", "title": "BIG-IP TMUI vulnerability CVE-2021-23025", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23025"], "modified": "2021-12-01T05:50:00", "id": "F5:K55543151", "href": "https://support.f5.com/csp/article/K55543151", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-09-08T18:08:55", "description": "When a WebSocket profile is configured on a virtual server, undisclosed requests can cause bd to terminate. ([CVE-2021-23030](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23030>))\n\nImpact\n\nTraffic is disrupted while the **bd** process restarts. This vulnerability allows a remote attacker to cause a denial-of-service (DoS) on the BIG-IP system. There is no control plane exposure; this is a data plane issue only.\n", "cvss3": {}, "published": "2021-08-24T13:02:00", "type": "f5", "title": "BIG-IP Advanced WAF and ASM WebSocket vulnerability CVE-2021-23030", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2021-23030"], "modified": "2021-09-08T17:26:00", "id": "F5:K42051445", "href": "https://support.f5.com/csp/article/K42051445", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-09-08T18:08:55", "description": "An authenticated user may perform a privilege escalation on the BIG-IP Advanced WAF and ASM Configuration utility. ([CVE-2021-23031](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23031>))\n\nImpact\n\nWhen this vulnerability is exploited, an authenticated attacker with access to the Configuration utility can execute arbitrary system commands, create or delete files, and/or disable services. This vulnerability may result in complete system compromise.\n", "cvss3": {}, "published": "2021-08-12T21:29:00", "type": "f5", "title": "BIG-IP Advanced WAF and BIG-IP ASM vulnerability CVE-2021-23031", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2021-23031"], "modified": "2021-09-08T17:35:00", "id": "F5:K41351250", "href": "https://support.f5.com/csp/article/K41351250", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-09-23T20:09:19", "description": "BIG-IP and BIG-IQ are vulnerable to cross-site request forgery (CSRF) attacks through iControl SOAP. ([CVE-2021-23026](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23026>))\n\nImpact\n\nAn attacker may trick authenticated users into performing critical actions. This vulnerability can only be exploited through the control plane and cannot be exploited through the data plane. Exploitation can lead to complete system compromise.\n", "cvss3": {}, "published": "2021-08-24T12:59:00", "type": "f5", "title": "iControl SOAP vulnerability CVE-2021-23026", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2021-23026"], "modified": "2021-09-23T20:06:00", "id": "F5:K53854428", "href": "https://support.f5.com/csp/article/K53854428", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-09-08T18:08:55", "description": "When a WebSocket profile is configured on a virtual server, undisclosed requests can cause bd to terminate. ([CVE-2021-23033](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23033>))\n\nImpact\n\nTraffic is disrupted while the **bd** process restarts. This vulnerability allows a remote attacker to cause a denial-of-service (DoS) on the BIG-IP system. There is no control plane exposure; this is a data plane issue only.\n", "cvss3": {}, "published": "2021-08-24T12:49:00", "type": "f5", "title": "BIG-IP Advanced WAF and ASM WebSocket vulnerability CVE-2021-23033", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2021-23033"], "modified": "2021-09-08T17:28:00", "id": "F5:K05314769", "href": "https://support.f5.com/csp/article/K05314769", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-09-01T12:57:43", "description": "When an HTTP profile is configured on a virtual server, after a specific sequence of packets, chunked responses can cause the Traffic Management Microkernel (TMM) to terminate. ([CVE-2021-23035](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23035>))\n\nImpact\n\nTraffic is disrupted while the TMM process restarts. This vulnerability allows a remote attacker to cause a denial-of-service (DoS) on the BIG-IP system. There is no control plane exposure; this is a data plane issue only.\n", "cvss3": {}, "published": "2021-08-24T12:42:00", "type": "f5", "title": "TMM vulnerability CVE-2021-23035", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2021-23035"], "modified": "2021-08-24T12:42:00", "id": "F5:K70415522", "href": "https://support.f5.com/csp/article/K70415522", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-09-01T12:57:42", "description": "When a DNS profile using a DNS cache resolver is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) process to terminate. ([CVE-2021-23034](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23034>))\n\nImpact\n\nTraffic is disrupted while the TMM process restarts. This vulnerability allows a remote attacker to cause a denial-of-service (DoS) on the BIG-IP system. There is no control plane exposure; this is a data plane issue only.\n", "cvss3": {}, "published": "2021-08-24T13:50:00", "type": "f5", "title": "BIG-IP TMM vulnerability CVE-2021-23034", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2021-23034"], "modified": "2021-08-24T13:50:00", "id": "F5:K30523121", "href": "https://support.f5.com/csp/article/K30523121", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-04-19T03:31:14", "description": "A reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user. ([CVE-2021-23037](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-23037>))\n\nImpact\n\nAn attacker may exploit this vulnerability by causing an authenticated user to send a crafted URL that is then reflected back and executed by the user's web browser. If successful, an attacker can run JavaScript in the context of the currently logged-in user. In the case of an administrative user with access to the Advanced Shell (**bash**), an attacker can leverage successful exploitation of this vulnerability to compromise the BIG-IP system.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2021-08-24T12:34:00", "type": "f5", "title": "TMUI XSS vulnerability CVE-2021-23037", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23037"], "modified": "2022-04-19T02:32:00", "id": "F5:K21435974", "href": "https://support.f5.com/csp/article/K21435974", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-09-01T12:57:43", "description": "When a BIG-IP ASM and DataSafe profile are configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. ([CVE-2021-23036](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23036>))\n\nImpact\n\nTraffic is disrupted while the TMM process restarts. This vulnerability allows a remote attacker to cause a denial-of-service (DoS) on the BIG-IP system. There is no control plane exposure, this is a data plane issue only.\n", "cvss3": {}, "published": "2021-08-24T12:47:00", "type": "f5", "title": "TMM vulnerability CVE-2021-23036", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2021-23036"], "modified": "2021-08-24T12:47:00", "id": "F5:K05043394", "href": "https://support.f5.com/csp/article/K05043394", "cvss": {"score": 0.0, "vector": "NONE"}}], "cnvd": [{"lastseen": "2022-11-05T09:57:20", "description": "F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A denial of service vulnerability exists in F5 BIG-IP DNS, which stems from the fact that when the BIG-IP DNS system is configured with non-default wide IP and pool settings, an undisclosed DNS response may cause TMM to terminate. When the TMM process is restarted, traffic is interrupted. An attacker could use this vulnerability to cause a denial of service (DoS) on the BIG-IP system.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-26T00:00:00", "type": "cnvd", "title": "F5 BIG-IP DNS denial-of-service vulnerability", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23032"], "modified": "2021-08-26T00:00:00", "id": "CNVD-2021-65651", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-65651", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-11-05T09:57:04", "description": "F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. An XSS vulnerability exists in the F5 BIG-IP TMUI, which can be exploited by attackers to run JavaScript in the context of the currently logged-in user.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2021-08-26T00:00:00", "type": "cnvd", "title": "F5 BIG-IP TMUI XSS vulnerability", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23027"], "modified": "2021-08-26T00:00:00", "id": "CNVD-2021-65653", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-65653", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-11-05T09:57:54", "description": "F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A security vulnerability exists in the F5 BIG-IP Advanced WAF and ASM TMUI, which could be exploited by an attacker with network access to the management interface and authentication via guest privileges to be able to perform SSRF attacks.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-08-25T00:00:00", "type": "cnvd", "title": "F5 BIG-IP Advanced WAF and ASM TMUI server-side request forgery vulnerability", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23029"], "modified": "2021-08-26T00:00:00", "id": "CNVD-2021-65621", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-65621", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-11-05T09:57:22", "description": "F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A security vulnerability exists in F5 BIG-IP Advanced WAF and ASM due to a JSON content profile referenced in an AWAF/ASM security policy that contains policies for URLs and is associated with a virtual server. An undisclosed request could cause the BD process of BIG-IP AWAF/ASM to terminate when the policy containing URLs for content profiles is associated with a virtual server. An attacker could exploit this vulnerability to launch a denial of service against BIG-IP.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-26T00:00:00", "type": "cnvd", "title": "F5 BIG-IP Advanced WAF and ASM are unspecified vulnerabilities", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23028"], "modified": "2021-08-26T00:00:00", "id": "CNVD-2021-65652", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-65652", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-11-05T09:57:41", "description": "F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A remote command execution vulnerability exists in the F5 BIG-IP TMUI, which can be exploited by an authenticated attacker with high-level privileges to access the management page through the BIGIP management port or Self IP address to execute arbitrary system commands, create or delete files, or disable services.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-08-26T00:00:00", "type": "cnvd", "title": "F5 BIG-IP TMUI Remote Command Execution Vulnerability", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23025"], "modified": "2021-08-26T00:00:00", "id": "CNVD-2021-65655", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-65655", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-11-05T09:57:53", "description": "F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. An unspecified vulnerability exists in the F5 BIG-IP Advanced WAF and ASM TMUI, which, when cracked, allows an authenticated attacker with access to the management page to execute arbitrary system commands, create or delete files, or disable services. An attacker could exploit the vulnerability to cause the system to be completely compromised.", "cvss3": {"exploitabilityScore": 3.1, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 9.9, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-08-25T00:00:00", "type": "cnvd", "title": "F5 BIG-IP Advanced WAF and ASM TMUI is vulnerable to unspecified vulnerabilities", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23031"], "modified": "2021-08-26T00:00:00", "id": "CNVD-2021-65622", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-65622", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-11-05T09:56:51", "description": "F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. When a Websocket profile is configured on the Virtual server of BIG-IP AWAF/ASM, undisclosed requests may cause the BD process to terminate.BIG-IP A restart of the BD process of AWAF/ASM can cause a traffic disruption. An attacker could use this vulnerability to cause a denial of service (DoS) on the BIG-IP system.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-26T00:00:00", "type": "cnvd", "title": "F5 BIG-IP Advanced WAF and ASM WebSocket Denial of Service Vulnerability (CNVD-2021-65633)", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23030"], "modified": "2021-08-26T00:00:00", "id": "CNVD-2021-65633", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-65633", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-11-05T09:57:53", "description": "F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A CSRF vulnerability exists in F5 BIG-IP iControl SOAP, which could be exploited by an attacker to potentially trick authenticated users into performing critical operations.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-08-26T00:00:00", "type": "cnvd", "title": "F5 BIG-IP iControl SOAP CSRF Vulnerability", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23026"], "modified": "2021-08-26T00:00:00", "id": "CNVD-2021-65654", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-65654", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-11-05T09:57:31", "description": "F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A denial of service vulnerability exists in the F5 BIG-IP Advanced WAF and ASM WebSocket, which originates from the BIG-IP AWAF/ASM Virtual The vulnerability is caused when a Websocket profile is configured on the BIG-IP AWAF/ASM Virtual server, and an undisclosed request could cause the bd to terminate, which could cause a traffic disruption when the BD process of BIG-IP AWAF/ASM restarts. A remote attacker could use this vulnerability to launch a denial of service against BIG-IP.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-26T00:00:00", "type": "cnvd", "title": "F5 BIG-IP Advanced WAF and ASM WebSocket Denial of Service Vulnerability", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23033"], "modified": "2021-08-26T00:00:00", "id": "CNVD-2021-65650", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-65650", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-11-05T09:57:29", "description": "F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A denial of service vulnerability exists in F5 BIG-IP TMM, which stems from the fact that in the case of HTTP profiles associated with Virtual Server, after a specific sequence of packets chunked responses could cause TMM to terminate. When the TMM process is restarted, traffic is interrupted and an attacker can use this vulnerability to cause a denial of service (DoS) on the BIG-IP system.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-26T00:00:00", "type": "cnvd", "title": "F5 BIG-IP TMM Denial of Service Vulnerability (CNVD-2021-65648)", "bulletinFamily": "cnvd", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23035"], "modified": "2021-08-26T00:00:00", "id": "CNVD-2021-65648", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-65648", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-11-05T09:57:25", "description": "F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A denial of service vulnerability exists in F5 BIG-IP TMM, which stems from the presence of a DNS profile file with DNS Cache resolver enabled when associated on Virtual Server A specific request could cause the TMM process to terminate. When the TMM process is restarted, traffic is interrupted and an attacker can use this vulnerability to cause a denial of service (DoS) on the BIG-IP system.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-26T00:00:00", "type": "cnvd", "title": "F5 BIG-IP TMM Denial of Service Vulnerability (CNVD-2021-65649)", "bulletinFamily": "cnvd", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23034"], "modified": "2021-08-26T00:00:00", "id": "CNVD-2021-65649", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-65649", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-11-05T09:58:01", "description": "F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. An XSS vulnerability exists in the F5 BIG-IP TMUI, which can be exploited by attackers to run JavaScript in the context of the currently logged-in user.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2021-08-26T00:00:00", "type": "cnvd", "title": "F5 BIG-IP TMUI XSS vulnerability (CNVD-2021-65646)", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23037"], "modified": "2021-08-26T00:00:00", "id": "CNVD-2021-65646", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-65646", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-11-05T09:57:45", "description": "F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A denial of service vulnerability exists in the F5 BIG-IP TMM, which stems from an undisclosed request when configuring the BIG-IP ASM and DataSafe profiles on a virtual server that could cause the traffic management microkernel (TMM) to terminate. When the TMM process is restarted, traffic is interrupted and an attacker can exploit the vulnerability to cause a denial of service (DoS) on the BIG-IP system.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-26T00:00:00", "type": "cnvd", "title": "F5 BIG-IP TMM Denial of Service Vulnerability (CNVD-2021-65647)", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23036"], "modified": "2021-08-26T00:00:00", "id": "CNVD-2021-65647", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-65647", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "cve": [{"lastseen": "2022-03-23T14:27:52", "description": "On version 16.x before 16.1.0, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.4, and all versions of 13.1.x and 12.1.x, when a BIG-IP DNS system is configured with non-default Wide IP and pool settings, undisclosed DNS responses can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-09-14T18:15:00", "type": "cve", "title": "CVE-2021-23032", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23032"], "modified": "2021-09-27T12:49:00", "cpe": ["cpe:/a:f5:big-ip_domain_name_system:13.1.4", "cpe:/a:f5:big-ip_domain_name_system:12.1.6"], "id": "CVE-2021-23032", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23032", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:f5:big-ip_domain_name_system:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.6:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T14:27:42", "description": "On version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3.1, and 14.1.x before 14.1.4.3, a DOM based cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2021-09-14T22:15:00", "type": "cve", "title": "CVE-2021-23027", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23027"], "modified": "2021-09-28T18:51:00", "cpe": ["cpe:/a:f5:big-ip_advanced_firewall_manager:15.1.3", "cpe:/a:f5:big-ip_application_acceleration_manager:16.0.1.1", "cpe:/a:f5:big-ip_ddos_hybrid_defender:16.0.1.1", "cpe:/a:f5:big-ip_application_security_manager:15.1.3", "cpe:/a:f5:big-ip_fraud_protection_service:14.1.4", "cpe:/a:f5:big-ip_policy_enforcement_manager:16.0.1.1", "cpe:/a:f5:big-ip_ssl_orchestrator:14.1.4", "cpe:/a:f5:big-ip_application_acceleration_manager:14.1.4", "cpe:/a:f5:big-ip_ddos_hybrid_defender:14.1.4", "cpe:/a:f5:big-ip_domain_name_system:14.1.4", "cpe:/a:f5:big-ip_application_security_manager:14.1.4", "cpe:/a:f5:big-ip_policy_enforcement_manager:15.1.3", "cpe:/a:f5:big-ip_application_acceleration_manager:15.1.3", "cpe:/a:f5:big-ip_advanced_firewall_manager:14.1.4", "cpe:/a:f5:big-ip_ssl_orchestrator:16.0.1.1", "cpe:/a:f5:big-ip_global_traffic_manager:16.0.1.1", "cpe:/a:f5:big-ip_advanced_web_application_firewall:14.1.4", "cpe:/a:f5:big-ip_link_controller:14.1.4", "cpe:/a:f5:big-ip_link_controller:15.1.3", "cpe:/a:f5:big-ip_advanced_firewall_manager:16.0.1.1", "cpe:/a:f5:big-ip_local_traffic_manager:16.0.1.1", "cpe:/a:f5:big-ip_access_policy_manager:16.0.1.1", "cpe:/a:f5:big-ip_policy_enforcement_manager:14.1.4", "cpe:/a:f5:big-ip_analytics:15.1.3", "cpe:/a:f5:big-ip_global_traffic_manager:14.1.4", "cpe:/a:f5:big-ip_ddos_hybrid_defender:15.1.3", "cpe:/a:f5:big-ip_application_security_manager:16.0.1.1", "cpe:/a:f5:big-ip_link_controller:16.0.1.1", "cpe:/a:f5:big-ip_local_traffic_manager:15.1.3", "cpe:/a:f5:big-ip_ssl_orchestrator:15.1.3", "cpe:/a:f5:big-ip_analytics:14.1.4", "cpe:/a:f5:big-ip_access_policy_manager:15.1.3", "cpe:/a:f5:big-ip_advanced_web_application_firewall:15.1.3", "cpe:/a:f5:big-ip_fraud_protection_service:15.1.3", "cpe:/a:f5:big-ip_domain_name_system:16.0.1.1", "cpe:/a:f5:big-ip_global_traffic_manager:15.1.3", "cpe:/a:f5:big-ip_fraud_protection_service:16.0.1.1", "cpe:/a:f5:big-ip_advanced_web_application_firewall:16.0.1.1", "cpe:/a:f5:big-ip_access_policy_manager:14.1.4", "cpe:/a:f5:big-ip_analytics:16.0.1.1", "cpe:/a:f5:big-ip_domain_name_system:15.1.3", "cpe:/a:f5:big-ip_local_traffic_manager:14.1.4"], "id": "CVE-2021-23027", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23027", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_ssl_orchestrator:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_ssl_orchestrator:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_ssl_orchestrator:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:16.0.1.1:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T14:27:47", "description": "On version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.2, and 13.1.x before 13.1.4, when JSON content profiles are configured for URLs as part of an F5 Advanced Web Application Firewall (WAF)/BIG-IP ASM security policy and applied to a virtual server, undisclosed requests may cause the BIG-IP ASM bd process to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-09-14T21:15:00", "type": "cve", "title": "CVE-2021-23028", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23028"], "modified": "2021-09-24T19:19:00", "cpe": ["cpe:/a:f5:big-ip_advanced_web_application_firewall:13.1.3.6", "cpe:/a:f5:big-ip_application_security_manager:16.0.1", "cpe:/a:f5:big-ip_application_security_manager:14.1.4.1", "cpe:/a:f5:big-ip_application_security_manager:13.1.3.6", "cpe:/a:f5:big-ip_advanced_web_application_firewall:16.0.1", "cpe:/a:f5:big-ip_advanced_web_application_firewall:14.1.4.1"], "id": "CVE-2021-23028", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23028", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:16.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:14.1.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:14.1.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:13.1.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:16.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:13.1.3.6:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T14:27:45", "description": "On version 16.0.x before 16.0.1.2, insufficient permission checks may allow authenticated users with guest privileges to perform Server-Side Request Forgery (SSRF) attacks through F5 Advanced Web Application Firewall (WAF) and the BIG-IP ASM Configuration utility. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-14T23:15:00", "type": "cve", "title": "CVE-2021-23029", "cwe": ["CWE-918"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23029"], "modified": "2021-09-27T16:50:00", "cpe": [], "id": "CVE-2021-23029", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23029", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2022-03-23T14:27:38", "description": "On version 15.1.x before 15.1.0.5, 14.1.x before 14.1.3.1, 13.1.x before 13.1.3.5, and all versions of 12.1.x and 11.6.x, an authenticated remote command execution vulnerability exists in the BIG-IP Configuration utility. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-14T21:15:00", "type": "cve", "title": "CVE-2021-23025", "cwe": ["CWE-78"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23025"], "modified": "2021-11-30T21:56:00", "cpe": ["cpe:/a:f5:big-ip_fraud_protection_service:12.1.6", "cpe:/a:f5:big-ip_analytics:12.1.6", "cpe:/a:f5:big-ip_analytics:11.6.5", "cpe:/a:f5:big-ip_access_policy_manager:11.6.5", "cpe:/a:f5:big-ip_ssl_orchestrator:12.1.6", "cpe:/a:f5:big-ip_application_security_manager:12.1.6", "cpe:/a:f5:big-ip_link_controller:12.1.6", "cpe:/a:f5:big-ip_advanced_web_application_firewall:11.6.5", "cpe:/a:f5:big-ip_application_acceleration_manager:11.6.5", "cpe:/a:f5:big-ip_access_policy_manager:12.1.6", "cpe:/a:f5:big-ip_fraud_protection_service:11.6.5", "cpe:/a:f5:big-ip_domain_name_system:12.1.6", "cpe:/a:f5:big-ip_ssl_orchestrator:11.6.5", "cpe:/a:f5:big-ip_policy_enforcement_manager:11.6.5", "cpe:/a:f5:big-ip_application_security_manager:11.6.5", "cpe:/a:f5:big-ip_local_traffic_manager:11.6.5", "cpe:/a:f5:big-ip_application_acceleration_manager:12.1.6", "cpe:/a:f5:big-ip_advanced_firewall_manager:12.1.6", "cpe:/a:f5:big-ip_link_controller:11.6.5", "cpe:/a:f5:big-ip_policy_enforcement_manager:12.1.6", "cpe:/a:f5:big-ip_ddos_hybrid_defender:11.6.5", "cpe:/a:f5:big-ip_global_traffic_manager:12.1.6", "cpe:/a:f5:big-ip_advanced_web_application_firewall:12.1.6", "cpe:/a:f5:big-ip_advanced_firewall_manager:11.6.5", "cpe:/a:f5:big-ip_global_traffic_manager:11.6.5", "cpe:/a:f5:big-ip_ddos_hybrid_defender:12.1.6", "cpe:/a:f5:big-ip_domain_name_system:11.6.5", "cpe:/a:f5:big-ip_local_traffic_manager:12.1.6"], "id": "CVE-2021-23025", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23025", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_ssl_orchestrator:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_ssl_orchestrator:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.6:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T14:27:49", "description": "On BIG-IP Advanced WAF and BIG-IP ASM version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.3, 13.1.x before 13.1.4.1, and all versions of 12.1.x, when a WebSocket profile is configured on a virtual server, undisclosed requests can cause bd to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-09-14T21:15:00", "type": "cve", "title": "CVE-2021-23030", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23030"], "modified": "2021-09-29T19:10:00", "cpe": ["cpe:/a:f5:big-ip_advanced_web_application_firewall:14.1.4", "cpe:/a:f5:big-ip_advanced_web_application_firewall:15.1.3", "cpe:/a:f5:big-ip_application_security_manager:12.1.6", "cpe:/a:f5:big-ip_application_security_manager:13.1.4", "cpe:/a:f5:big-ip_application_security_manager:14.1.4", "cpe:/a:f5:big-ip_application_security_manager:15.1.3", "cpe:/a:f5:big-ip_advanced_web_application_firewall:16.0.1.1", "cpe:/a:f5:big-ip_advanced_web_application_firewall:12.1.6", "cpe:/a:f5:big-ip_application_security_manager:16.0.1.1", "cpe:/a:f5:big-ip_advanced_web_application_firewall:13.1.4"], "id": "CVE-2021-23030", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23030", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:13.1.4:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T14:27:53", "description": "On version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.4.1, 13.1.x before 13.1.4, 12.1.x before 12.1.6, and 11.6.x before 11.6.5.3, an authenticated user may perform a privilege escalation on the BIG-IP Advanced WAF and ASM Configuration utility. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.", "cvss3": {"exploitabilityScore": 3.1, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 9.9, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-09-14T19:15:00", "type": "cve", "title": "CVE-2021-23031", "cwe": ["CWE-78"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23031"], "modified": "2021-09-30T14:42:00", "cpe": ["cpe:/a:f5:big-ip_advanced_web_application_firewall:14.1.4", "cpe:/a:f5:big-ip_advanced_web_application_firewall:15.1.2", "cpe:/a:f5:big-ip_application_security_manager:11.6.5.2", "cpe:/a:f5:big-ip_application_security_manager:13.1.3", "cpe:/a:f5:big-ip_advanced_web_application_firewall:11.6.5.2", "cpe:/a:f5:big-ip_advanced_web_application_firewall:12.1.5", "cpe:/a:f5:big-ip_application_security_manager:12.1.5", "cpe:/a:f5:big-ip_application_security_manager:14.1.4", "cpe:/a:f5:big-ip_advanced_web_application_firewall:16.0.1.1", "cpe:/a:f5:big-ip_application_security_manager:15.1.2", "cpe:/a:f5:big-ip_application_security_manager:16.0.1.1", "cpe:/a:f5:big-ip_advanced_web_application_firewall:13.1.3"], "id": "CVE-2021-23031", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23031", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:f5:big-ip_application_security_manager:11.6.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:13.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:13.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:11.6.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:15.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:12.1.5:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T14:27:40", "description": "BIG-IP version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.4.2, 13.1.x before 13.1.4.1, and all versions of 12.1.x and 11.6.x and all versions of BIG-IQ 8.x, 7.x, and 6.x are vulnerable to cross-site request forgery (CSRF) attacks through iControl SOAP. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-09-14T22:15:00", "type": "cve", "title": "CVE-2021-23026", "cwe": ["CWE-352"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23026"], "modified": "2021-09-29T19:21:00", "cpe": ["cpe:/a:f5:big-ip_global_traffic_manager:13.1.4", "cpe:/a:f5:big-ip_domain_name_system:13.1.4", "cpe:/a:f5:big-ip_application_acceleration_manager:16.0.1.1", "cpe:/a:f5:big-ip_access_policy_manager:15.1.2", "cpe:/a:f5:big-ip_ddos_hybrid_defender:15.1.2", "cpe:/a:f5:big-ip_ddos_hybrid_defender:13.1.4", "cpe:/a:f5:big-ip_analytics:13.1.4", "cpe:/a:f5:big-ip_policy_enforcement_manager:13.1.4", "cpe:/a:f5:big-ip_domain_name_system:15.1.2", "cpe:/a:f5:big-ip_fraud_protection_service:14.1.4", "cpe:/a:f5:big-ip_policy_enforcement_manager:16.0.1.1", "cpe:/a:f5:big-ip_application_security_manager:13.1.4", "cpe:/a:f5:big-ip_ssl_orchestrator:14.1.4", "cpe:/a:f5:big-ip_application_acceleration_manager:14.1.4", "cpe:/a:f5:big-ip_ssl_orchestrator:15.1.2", "cpe:/a:f5:big-ip_advanced_firewall_manager:15.1.2", "cpe:/a:f5:big-ip_ddos_hybrid_defender:14.1.4", "cpe:/a:f5:big-ip_domain_name_system:14.1.4", "cpe:/a:f5:big-ip_application_security_manager:14.1.4", "cpe:/a:f5:big-ip_link_controller:15.1.2", "cpe:/a:f5:big-ip_advanced_firewall_manager:14.1.4", "cpe:/a:f5:big-ip_ssl_orchestrator:16.0.1.1", "cpe:/a:f5:big-ip_application_acceleration_manager:13.1.4", "cpe:/a:f5:big-ip_analytics:15.1.2", "cpe:/a:f5:big-ip_fraud_protection_service:15.1.2", "cpe:/a:f5:big-iq_centralized_management:6.1.0", "cpe:/a:f5:big-ip_application_security_manager:15.1.2", "cpe:/a:f5:big-ip_global_traffic_manager:16.0.1.1", "cpe:/a:f5:big-ip_advanced_web_application_firewall:14.1.4", "cpe:/a:f5:big-ip_link_controller:14.1.4", "cpe:/a:f5:big-ip_advanced_firewall_manager:16.0.1.1", "cpe:/a:f5:big-ip_local_traffic_manager:16.0.1.1", "cpe:/a:f5:big-ip_advanced_firewall_manager:13.1.4", "cpe:/a:f5:big-ip_ssl_orchestrator:13.1.4", "cpe:/a:f5:big-ip_access_policy_manager:16.0.1.1", "cpe:/a:f5:big-ip_policy_enforcement_manager:14.1.4", "cpe:/a:f5:big-iq_centralized_management:7.1.0", "cpe:/a:f5:big-ip_application_acceleration_manager:15.1.2", "cpe:/a:f5:big-ip_local_traffic_manager:13.1.4", "cpe:/a:f5:big-ip_local_traffic_manager:15.1.2", "cpe:/a:f5:big-iq_centralized_management:8.1.0", "cpe:/a:f5:big-ip_global_traffic_manager:14.1.4", "cpe:/a:f5:big-ip_policy_enforcement_manager:15.1.2", "cpe:/a:f5:big-ip_application_security_manager:16.0.1.1", "cpe:/a:f5:big-ip_advanced_web_application_firewall:13.1.4", "cpe:/a:f5:big-ip_link_controller:16.0.1.1", "cpe:/a:f5:big-ip_advanced_web_application_firewall:15.1.2", "cpe:/a:f5:big-ip_analytics:14.1.4", "cpe:/a:f5:big-ip_link_controller:13.1.4", "cpe:/a:f5:big-ip_access_policy_manager:13.1.4", "cpe:/a:f5:big-ip_domain_name_system:16.0.1.1", "cpe:/a:f5:big-ip_fraud_protection_service:13.1.4", "cpe:/a:f5:big-ip_ddos_hybrid_defender:16.0.1", "cpe:/a:f5:big-ip_fraud_protection_service:16.0.1.1", "cpe:/a:f5:big-ip_global_traffic_manager:15.1.2", "cpe:/a:f5:big-ip_advanced_web_application_firewall:16.0.1.1", "cpe:/a:f5:big-ip_access_policy_manager:14.1.4", "cpe:/a:f5:big-ip_analytics:16.0.1.1", "cpe:/a:f5:big-ip_local_traffic_manager:14.1.4"], "id": "CVE-2021-23026", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23026", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:15.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_ssl_orchestrator:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:15.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_ssl_orchestrator:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:15.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-iq_centralized_management:7.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:15.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_ssl_orchestrator:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:16.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_ssl_orchestrator:15.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-iq_centralized_management:6.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:15.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:16.0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-iq_centralized_management:8.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:15.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:15.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:16.0.1.1:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T14:27:54", "description": "On BIG-IP Advanced WAF and BIG-IP ASM version 16.x before 16.1.0x, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.3, 13.1.x before 13.1.4.1, and all versions of 12.1.x, when a WebSocket profile is configured on a virtual server, undisclosed requests can cause bd to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-09-14T18:15:00", "type": "cve", "title": "CVE-2021-23033", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23033"], "modified": "2021-09-27T12:55:00", "cpe": ["cpe:/a:f5:big-ip_advanced_web_application_firewall:12.1.6", "cpe:/a:f5:big-ip_application_security_manager:12.1.6"], "id": "CVE-2021-23033", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23033", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.6:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T14:27:57", "description": "On BIG-IP 14.1.x before 14.1.4.4, when an HTTP profile is configured on a virtual server, after a specific sequence of packets, chunked responses can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-09-14T18:15:00", "type": "cve", "title": "CVE-2021-23035", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23035"], "modified": "2021-09-27T16:09:00", "cpe": ["cpe:/a:f5:big-ip_application_acceleration_manager:14.1.4.4", "cpe:/a:f5:big-ip_application_security_manager:14.1.4.4", "cpe:/a:f5:big-ip_advanced_firewall_manager:14.1.4.4", "cpe:/a:f5:big-ip_analytics:14.1.4.4", "cpe:/a:f5:big-ip_access_policy_manager:14.1.4.4", "cpe:/a:f5:big-ip_domain_name_system:14.1.4.4", "cpe:/a:f5:big-ip_link_controller:14.1.4.4", "cpe:/a:f5:big-ip_policy_enforcement_manager:14.1.4.4", "cpe:/a:f5:big-ip_local_traffic_manager:14.1.4.4", "cpe:/a:f5:big-ip_fraud_protection_service:14.1.4.4", "cpe:/a:f5:big-ip_global_traffic_manager:14.1.4.4"], "id": "CVE-2021-23035", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23035", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:a:f5:big-ip_analytics:14.1.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:14.1.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:14.1.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:14.1.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.1.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:14.1.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.1.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:14.1.4.4:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T14:27:56", "description": "On BIG-IP version 16.x before 16.1.0 and 15.1.x before 15.1.3.1, when a DNS profile using a DNS cache resolver is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) process to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-09-14T18:15:00", "type": "cve", "title": "CVE-2021-23034", "cwe": ["CWE-668"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23034"], "modified": "2021-09-27T16:09:00", "cpe": [], "id": "CVE-2021-23034", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23034", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}, "cpe23": []}, {"lastseen": "2022-03-23T14:27:59", "description": "On all versions of 16.1.x, 16.0.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x, a reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2021-09-14T18:15:00", "type": "cve", "title": "CVE-2021-23037", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23037"], "modified": "2021-09-27T14:22:00", "cpe": ["cpe:/a:f5:big-ip_fraud_protection_service:12.1.6", "cpe:/a:f5:big-ip_analytics:12.1.6", "cpe:/a:f5:big-ip_global_traffic_manager:13.1.4", "cpe:/a:f5:big-ip_domain_name_system:13.1.4", "cpe:/a:f5:big-ip_analytics:11.6.5", "cpe:/a:f5:big-ip_advanced_firewall_manager:15.1.3", "cpe:/a:f5:big-ip_access_policy_manager:11.6.5", "cpe:/a:f5:big-ip_application_security_manager:12.1.6", "cpe:/a:f5:big-ip_link_controller:12.1.6", "cpe:/a:f5:big-ip_policy_enforcement_manager:13.1.4", "cpe:/a:f5:big-ip_analytics:13.1.4", "cpe:/a:f5:big-ip_application_security_manager:15.1.3", "cpe:/a:f5:big-ip_fraud_protection_service:14.1.4", "cpe:/a:f5:big-ip_application_acceleration_manager:11.6.5", "cpe:/a:f5:big-ip_access_policy_manager:12.1.6", "cpe:/a:f5:big-ip_application_security_manager:13.1.4", "cpe:/a:f5:big-ip_application_acceleration_manager:14.1.4", "cpe:/a:f5:big-ip_fraud_protection_service:11.6.5", "cpe:/a:f5:big-ip_domain_name_system:12.1.6", "cpe:/a:f5:big-ip_advanced_firewall_manager:16.1.0", "cpe:/a:f5:big-ip_domain_name_system:14.1.4", "cpe:/a:f5:big-ip_policy_enforcement_manager:16.1.0", "cpe:/a:f5:big-ip_application_security_manager:14.1.4", "cpe:/a:f5:big-ip_application_acceleration_manager:16.1.0", "cpe:/a:f5:big-ip_policy_enforcement_manager:15.1.3", "cpe:/a:f5:big-ip_advanced_firewall_manager:14.1.4", "cpe:/a:f5:big-ip_application_acceleration_manager:15.1.3", "cpe:/a:f5:big-ip_application_acceleration_manager:13.1.4", "cpe:/a:f5:big-ip_link_controller:16.1.0", "cpe:/a:f5:big-ip_analytics:16.1.0", "cpe:/a:f5:big-ip_application_security_manager:11.6.5", "cpe:/a:f5:big-ip_domain_name_system:16.1.0", "cpe:/a:f5:big-ip_access_policy_manager:16.1.0", "cpe:/a:f5:big-ip_link_controller:14.1.4", "cpe:/a:f5:big-ip_link_controller:15.1.3", "cpe:/a:f5:big-ip_local_traffic_manager:11.6.5", "cpe:/a:f5:big-ip_application_acceleration_manager:12.1.6", "cpe:/a:f5:big-ip_advanced_firewall_manager:13.1.4", "cpe:/a:f5:big-ip_advanced_firewall_manager:12.1.6", "cpe:/a:f5:big-ip_link_controller:11.6.5", "cpe:/a:f5:big-ip_local_traffic_manager:16.1.0", "cpe:/a:f5:big-ip_policy_enforcement_manager:14.1.4", "cpe:/a:f5:big-ip_policy_enforcement_manager:12.1.6", "cpe:/a:f5:big-ip_analytics:15.1.3", "cpe:/a:f5:big-ip_local_traffic_manager:13.1.4", "cpe:/a:f5:big-ip_global_traffic_manager:12.1.6", "cpe:/a:f5:big-ip_application_security_manager:16.1.0", "cpe:/a:f5:big-ip_global_traffic_manager:14.1.4", "cpe:/a:f5:big-ip_advanced_firewall_manager:11.6.5", "cpe:/a:f5:big-ip_local_traffic_manager:15.1.3", "cpe:/a:f5:big-ip_analytics:14.1.4", "cpe:/a:f5:big-ip_access_policy_manager:15.1.3", "cpe:/a:f5:big-ip_access_policy_manager:13.1.4", "cpe:/a:f5:big-ip_link_controller:13.1.4", "cpe:/a:f5:big-ip_fraud_protection_service:15.1.3", "cpe:/a:f5:big-ip_global_traffic_manager:16.1.0", "cpe:/a:f5:big-ip_fraud_protection_service:13.1.4", "cpe:/a:f5:big-ip_global_traffic_manager:11.6.5", "cpe:/a:f5:big-ip_global_traffic_manager:15.1.3", "cpe:/a:f5:big-ip_fraud_protection_service:16.1.0", "cpe:/a:f5:big-ip_local_traffic_manager:12.1.6", "cpe:/a:f5:big-ip_domain_name_system:11.6.5", "cpe:/a:f5:big-ip_policy_enforcement_manager:11.6.5", "cpe:/a:f5:big-ip_access_policy_manager:14.1.4", "cpe:/a:f5:big-ip_domain_name_system:15.1.3", "cpe:/a:f5:big-ip_local_traffic_manager:14.1.4"], "id": "CVE-2021-23037", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23037", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:f5:big-ip_global_traffic_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_domain_name_system:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:11.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_fraud_protection_service:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_global_traffic_manager:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_link_controller:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_security_manager:15.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:14.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.1.6:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T14:28:00", "description": "On version 16.0.x before 16.0.1.2, when a BIG-IP ASM and DataSafe profile are configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-09-14T19:15:00", "type": "cve", "title": "CVE-2021-23036", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23036"], "modified": "2021-09-24T18:58:00", "cpe": ["cpe:/a:f5:big-ip_application_security_manager:16.0.1", "cpe:/a:f5:big-ip_advanced_web_application_firewall:16.0.1", "cpe:/a:f5:big-ip_datasafe:16.0.1"], "id": "CVE-2021-23036", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23036", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:f5:big-ip_application_security_manager:16.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:16.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_datasafe:16.0.1:*:*:*:*:*:*:*"]}], "nessus": [{"lastseen": "2023-01-11T14:53:31", "description": "The version of F5 Networks BIG-IP installed on the remote host is prior to 16.0.1.2 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K52420610 advisory.\n\n - On version 16.0.x before 16.0.1.2, insufficient permission checks may allow authenticated users with guest privileges to perform Server-Side Request Forgery (SSRF) attacks through F5 Advanced Web Application Firewall (WAF) and the BIG-IP ASM Configuration utility. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. (CVE-2021-23029)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-08-25T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : Advanced WAF and BIG-IP ASM TMUI vulnerability (K52420610)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23029"], "modified": "2021-10-28T00:00:00", "cpe": ["cpe:/a:f5:big-ip_application_security_manager", "cpe:/h:f5:big-ip"], "id": "F5_BIGIP_SOL52420610.NASL", "href": "https://www.tenable.com/plugins/nessus/152826", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K52420610.\n#\n# @NOAGENT@\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(152826);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/28\");\n\n script_cve_id(\"CVE-2021-23029\");\n script_xref(name:\"IAVA\", value:\"2021-A-0394\");\n\n script_name(english:\"F5 Networks BIG-IP : Advanced WAF and BIG-IP ASM TMUI vulnerability (K52420610)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of F5 Networks BIG-IP installed on the remote host is prior to 16.0.1.2 / 16.1.0. It is, therefore, affected\nby a vulnerability as referenced in the K52420610 advisory.\n\n - On version 16.0.x before 16.0.1.2, insufficient permission checks may allow authenticated users with guest\n privileges to perform Server-Side Request Forgery (SSRF) attacks through F5 Advanced Web Application\n Firewall (WAF) and the BIG-IP ASM Configuration utility. Note: Software versions which have reached End of\n Technical Support (EoTS) are not evaluated. (CVE-2021-23029)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.f5.com/csp/article/K52420610\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5 Solution K52420610.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-23029\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/08/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/08/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/08/25\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude('f5_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar version = get_kb_item('Host/BIG-IP/version');\nif ( ! version ) audit(AUDIT_OS_NOT, 'F5 Networks BIG-IP');\nif ( isnull(get_kb_item('Host/BIG-IP/hotfix')) ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/hotfix');\nif ( ! get_kb_item('Host/BIG-IP/modules') ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/modules');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nvar sol = 'K52420610';\nvar vmatrix = {\n 'ASM': {\n 'affected': [\n '16.0.0-16.0.1'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.2'\n ],\n }\n};\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n var extra = NULL;\n if (report_verbosity > 0) extra = bigip_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n}\nelse\n{\n var tested = bigip_get_tested_modules();\n var audit_extra = 'For BIG-IP module(s) ' + tested + ',';\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, 'running the affected module ASM');\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:54:19", "description": "The version of F5 Networks BIG-IP installed on the remote host is prior to 11.6.5.3 / 12.1.6 / 13.1.4 / 14.1.4.1 / 15.1.3 / 16.0.1.2 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K41351250 advisory.\n\n - On version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.4.1, 13.1.x before 13.1.4, 12.1.x before 12.1.6, and 11.6.x before 11.6.5.3, an authenticated user may perform a privilege escalation on the BIG-IP Advanced WAF and ASM Configuration utility. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. (CVE-2021-23031)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.1, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 9.9, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-08-25T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : BIG-IP Advanced WAF and BIG-IP ASM vulnerability (K41351250)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23031"], "modified": "2021-10-28T00:00:00", "cpe": ["cpe:/a:f5:big-ip_application_security_manager", "cpe:/h:f5:big-ip"], "id": "F5_BIGIP_SOL41351250.NASL", "href": "https://www.tenable.com/plugins/nessus/152823", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K41351250.\n#\n# @NOAGENT@\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(152823);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/28\");\n\n script_cve_id(\"CVE-2021-23031\");\n script_xref(name:\"IAVA\", value:\"2021-A-0394\");\n\n script_name(english:\"F5 Networks BIG-IP : BIG-IP Advanced WAF and BIG-IP ASM vulnerability (K41351250)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of F5 Networks BIG-IP installed on the remote host is prior to 11.6.5.3 / 12.1.6 / 13.1.4 / 14.1.4.1 /\n15.1.3 / 16.0.1.2 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K41351250 advisory.\n\n - On version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.4.1, 13.1.x before 13.1.4,\n 12.1.x before 12.1.6, and 11.6.x before 11.6.5.3, an authenticated user may perform a privilege escalation\n on the BIG-IP Advanced WAF and ASM Configuration utility. Note: Software versions which have reached End\n of Technical Support (EoTS) are not evaluated. (CVE-2021-23031)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.f5.com/csp/article/K41351250\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5 Solution K41351250.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-23031\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/08/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/08/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/08/25\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude('f5_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar version = get_kb_item('Host/BIG-IP/version');\nif ( ! version ) audit(AUDIT_OS_NOT, 'F5 Networks BIG-IP');\nif ( isnull(get_kb_item('Host/BIG-IP/hotfix')) ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/hotfix');\nif ( ! get_kb_item('Host/BIG-IP/modules') ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/modules');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nvar sol = 'K41351250';\nvar vmatrix = {\n 'ASM': {\n 'affected': [\n '16.0.0-16.0.1','15.1.0-15.1.2','14.1.0-14.1.4','13.1.0-13.1.3','12.1.0-12.1.5','11.6.1-11.6.5'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.2','15.1.3','14.1.4.1','13.1.4','12.1.6','11.6.5.3'\n ],\n }\n};\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n var extra = NULL;\n if (report_verbosity > 0) extra = bigip_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n}\nelse\n{\n var tested = bigip_get_tested_modules();\n var audit_extra = 'For BIG-IP module(s) ' + tested + ',';\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, 'running the affected module ASM');\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:58:22", "description": "The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.3.5 / 14.1.3.1 / 15.1.0.5 / 16.0.0. It is, therefore, affected by a vulnerability as referenced in the K55543151 advisory.\n\n - On version 15.1.x before 15.1.0.5, 14.1.x before 14.1.3.1, 13.1.x before 13.1.3.5, and all versions of 12.1.x and 11.6.x, an authenticated remote command execution vulnerability exists in the BIG-IP Configuration utility. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. (CVE-2021-23025)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-12-01T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : BIG-IP TMUI vulnerability (K55543151)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23025"], "modified": "2021-12-01T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_wan_optimization_manager", "cpe:/h:f5:big-ip_protocol_security_manager", "cpe:/h:f5:big-ip"], "id": "F5_BIGIP_SOL55543151.NASL", "href": "https://www.tenable.com/plugins/nessus/155753", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K55543151.\n#\n# @NOAGENT@\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155753);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/12/01\");\n\n script_cve_id(\"CVE-2021-23025\");\n script_xref(name:\"IAVA\", value:\"2021-A-0394\");\n\n script_name(english:\"F5 Networks BIG-IP : BIG-IP TMUI vulnerability (K55543151)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.3.5 / 14.1.3.1 / 15.1.0.5 / 16.0.0. It\nis, therefore, affected by a vulnerability as referenced in the K55543151 advisory.\n\n - On version 15.1.x before 15.1.0.5, 14.1.x before 14.1.3.1, 13.1.x before 13.1.3.5, and all versions of\n 12.1.x and 11.6.x, an authenticated remote command execution vulnerability exists in the BIG-IP\n Configuration utility. Note: Software versions which have reached End of Technical Support (EoTS) are not\n evaluated. (CVE-2021-23025)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.f5.com/csp/article/K55543151\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5 Solution K55543151.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-23025\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/08/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/08/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/01\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude('f5_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar version = get_kb_item('Host/BIG-IP/version');\nif ( ! version ) audit(AUDIT_OS_NOT, 'F5 Networks BIG-IP');\nif ( isnull(get_kb_item('Host/BIG-IP/hotfix')) ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/hotfix');\nif ( ! get_kb_item('Host/BIG-IP/modules') ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/modules');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nvar sol = 'K55543151';\nvar vmatrix = {\n 'AFM': {\n 'affected': [\n '15.0.0-15.1.0','14.1.0-14.1.3','13.1.0-13.1.3','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n 'unaffected': [\n '16.0.0','15.1.0.5','14.1.3.1','13.1.3.5'\n ],\n },\n 'APM': {\n 'affected': [\n '15.0.0-15.1.0','14.1.0-14.1.3','13.1.0-13.1.3','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n 'unaffected': [\n '16.0.0','15.1.0.5','14.1.3.1','13.1.3.5'\n ],\n },\n 'ASM': {\n 'affected': [\n '15.0.0-15.1.0','14.1.0-14.1.3','13.1.0-13.1.3','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n 'unaffected': [\n '16.0.0','15.1.0.5','14.1.3.1','13.1.3.5'\n ],\n },\n 'GTM': {\n 'affected': [\n '15.0.0-15.1.0','14.1.0-14.1.3','13.1.0-13.1.3','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n 'unaffected': [\n '16.0.0','15.1.0.5','14.1.3.1','13.1.3.5'\n ],\n },\n 'LTM': {\n 'affected': [\n '15.0.0-15.1.0','14.1.0-14.1.3','13.1.0-13.1.3','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n 'unaffected': [\n '16.0.0','15.1.0.5','14.1.3.1','13.1.3.5'\n ],\n },\n 'PEM': {\n 'affected': [\n '15.0.0-15.1.0','14.1.0-14.1.3','13.1.0-13.1.3','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n 'unaffected': [\n '16.0.0','15.1.0.5','14.1.3.1','13.1.3.5'\n ],\n },\n 'PSM': {\n 'affected': [\n '15.0.0-15.1.0','14.1.0-14.1.3','13.1.0-13.1.3','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n 'unaffected': [\n '16.0.0','15.1.0.5','14.1.3.1','13.1.3.5'\n ],\n },\n 'WOM': {\n 'affected': [\n '15.0.0-15.1.0','14.1.0-14.1.3','13.1.0-13.1.3','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n 'unaffected': [\n '16.0.0','15.1.0.5','14.1.3.1','13.1.3.5'\n ],\n }\n};\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n var extra = NULL;\n if (report_verbosity > 0) extra = bigip_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n}\nelse\n{\n var tested = bigip_get_tested_modules();\n var audit_extra = 'For BIG-IP module(s) ' + tested + ',';\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, 'running any of the affected modules');\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:53:10", "description": "The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.4.1 / 14.1.4.3 / 15.1.3.1 / 16.0.1.2 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K42051445 advisory.\n\n - On BIG-IP Advanced WAF and BIG-IP ASM version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.3, 13.1.x before 13.1.4.1, and all versions of 12.1.x, when a WebSocket profile is configured on a virtual server, undisclosed requests can cause bd to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. (CVE-2021-23030)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-25T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : BIG-IP Advanced WAF and ASM WebSocket vulnerability (K42051445)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23030"], "modified": "2021-10-28T00:00:00", "cpe": ["cpe:/a:f5:big-ip_application_security_manager", "cpe:/h:f5:big-ip"], "id": "F5_BIGIP_SOL42051445.NASL", "href": "https://www.tenable.com/plugins/nessus/152820", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K42051445.\n#\n# @NOAGENT@\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(152820);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/28\");\n\n script_cve_id(\"CVE-2021-23030\");\n script_xref(name:\"IAVA\", value:\"2021-A-0394\");\n\n script_name(english:\"F5 Networks BIG-IP : BIG-IP Advanced WAF and ASM WebSocket vulnerability (K42051445)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.4.1 / 14.1.4.3 / 15.1.3.1 / 16.0.1.2 /\n16.1.0. It is, therefore, affected by a vulnerability as referenced in the K42051445 advisory.\n\n - On BIG-IP Advanced WAF and BIG-IP ASM version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3.1, 14.1.x\n before 14.1.4.3, 13.1.x before 13.1.4.1, and all versions of 12.1.x, when a WebSocket profile is\n configured on a virtual server, undisclosed requests can cause bd to terminate. Note: Software versions\n which have reached End of Technical Support (EoTS) are not evaluated. (CVE-2021-23030)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.f5.com/csp/article/K42051445\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5 Solution K42051445.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-23030\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/08/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/08/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/08/25\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude('f5_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar version = get_kb_item('Host/BIG-IP/version');\nif ( ! version ) audit(AUDIT_OS_NOT, 'F5 Networks BIG-IP');\nif ( isnull(get_kb_item('Host/BIG-IP/hotfix')) ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/hotfix');\nif ( ! get_kb_item('Host/BIG-IP/modules') ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/modules');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nvar sol = 'K42051445';\nvar vmatrix = {\n 'ASM': {\n 'affected': [\n '16.0.0-16.0.1','15.1.0-15.1.3','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.2','15.1.3.1','14.1.4.3','13.1.4.1'\n ],\n }\n};\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n var extra = NULL;\n if (report_verbosity > 0) extra = bigip_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n}\nelse\n{\n var tested = bigip_get_tested_modules();\n var audit_extra = 'For BIG-IP module(s) ' + tested + ',';\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, 'running the affected module ASM');\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:54:20", "description": "The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.4.1 / 14.1.4.3 / 15.1.3.1 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K05314769 advisory.\n\n - On BIG-IP Advanced WAF and BIG-IP ASM version 16.x before 16.1.0x, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.3, 13.1.x before 13.1.4.1, and all versions of 12.1.x, when a WebSocket profile is configured on a virtual server, undisclosed requests can cause bd to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. (CVE-2021-23033)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-25T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : BIG-IP Advanced WAF and ASM WebSocket vulnerability (K05314769)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23033"], "modified": "2021-10-28T00:00:00", "cpe": ["cpe:/a:f5:big-ip_application_security_manager", "cpe:/h:f5:big-ip"], "id": "F5_BIGIP_SOL05314769.NASL", "href": "https://www.tenable.com/plugins/nessus/152816", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K05314769.\n#\n# @NOAGENT@\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(152816);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/28\");\n\n script_cve_id(\"CVE-2021-23033\");\n script_xref(name:\"IAVA\", value:\"2021-A-0394\");\n\n script_name(english:\"F5 Networks BIG-IP : BIG-IP Advanced WAF and ASM WebSocket vulnerability (K05314769)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.4.1 / 14.1.4.3 / 15.1.3.1 / 16.1.0. It\nis, therefore, affected by a vulnerability as referenced in the K05314769 advisory.\n\n - On BIG-IP Advanced WAF and BIG-IP ASM version 16.x before 16.1.0x, 15.1.x before 15.1.3.1, 14.1.x before\n 14.1.4.3, 13.1.x before 13.1.4.1, and all versions of 12.1.x, when a WebSocket profile is configured on a\n virtual server, undisclosed requests can cause bd to terminate. Note: Software versions which have reached\n End of Technical Support (EoTS) are not evaluated. (CVE-2021-23033)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.f5.com/csp/article/K05314769\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5 Solution K05314769.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-23033\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/08/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/08/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/08/25\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude('f5_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar version = get_kb_item('Host/BIG-IP/version');\nif ( ! version ) audit(AUDIT_OS_NOT, 'F5 Networks BIG-IP');\nif ( isnull(get_kb_item('Host/BIG-IP/hotfix')) ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/hotfix');\nif ( ! get_kb_item('Host/BIG-IP/modules') ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/modules');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nvar sol = 'K05314769';\nvar vmatrix = {\n 'ASM': {\n 'affected': [\n '16.0.0-16.0.1','15.1.0-15.1.3','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6'\n ],\n 'unaffected': [\n '16.1.0','15.1.3.1','14.1.4.3','13.1.4.1'\n ],\n }\n};\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n var extra = NULL;\n if (report_verbosity > 0) extra = bigip_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n}\nelse\n{\n var tested = bigip_get_tested_modules();\n var audit_extra = 'For BIG-IP module(s) ' + tested + ',';\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, 'running the affected module ASM');\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:56:55", "description": "The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K21435974 advisory.\n\n - On all versions of 16.1.x, 16.0.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x, a reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. (CVE-2021-23037)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2021-10-28T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : TMUI XSS vulnerability (K21435974)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23037"], "modified": "2021-10-28T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_wan_optimization_manager", "cpe:/h:f5:big-ip_protocol_security_manager", "cpe:/h:f5:big-ip"], "id": "F5_BIGIP_SOL21435974.NASL", "href": "https://www.tenable.com/plugins/nessus/154700", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K21435974.\n#\n# @NOAGENT@\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154700);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/28\");\n\n script_cve_id(\"CVE-2021-23037\");\n script_xref(name:\"IAVA\", value:\"2021-A-0394\");\n\n script_name(english:\"F5 Networks BIG-IP : TMUI XSS vulnerability (K21435974)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by\na vulnerability as referenced in the K21435974 advisory.\n\n - On all versions of 16.1.x, 16.0.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x, a reflected cross-site\n scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that\n allows an attacker to execute JavaScript in the context of the currently logged-in user. Note: Software\n versions which have reached End of Technical Support (EoTS) are not evaluated. (CVE-2021-23037)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.f5.com/csp/article/K21435974\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5 Solution K21435974.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-23037\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/08/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/08/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/28\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude('f5_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar version = get_kb_item('Host/BIG-IP/version');\nif ( ! version ) audit(AUDIT_OS_NOT, 'F5 Networks BIG-IP');\nif ( isnull(get_kb_item('Host/BIG-IP/hotfix')) ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/hotfix');\nif ( ! get_kb_item('Host/BIG-IP/modules') ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/modules');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nvar sol = 'K21435974';\nvar vmatrix = {\n 'AFM': {\n 'affected': [\n '16.0.0-16.1.0','15.1.0-15.1.3','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n },\n 'APM': {\n 'affected': [\n '16.0.0-16.1.0','15.1.0-15.1.3','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n },\n 'ASM': {\n 'affected': [\n '16.0.0-16.1.0','15.1.0-15.1.3','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n },\n 'GTM': {\n 'affected': [\n '16.0.0-16.1.0','15.1.0-15.1.3','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n },\n 'LTM': {\n 'affected': [\n '16.0.0-16.1.0','15.1.0-15.1.3','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n },\n 'PEM': {\n 'affected': [\n '16.0.0-16.1.0','15.1.0-15.1.3','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n },\n 'PSM': {\n 'affected': [\n '16.0.0-16.1.0','15.1.0-15.1.3','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n },\n 'WOM': {\n 'affected': [\n '16.0.0-16.1.0','15.1.0-15.1.3','14.1.0-14.1.4','13.1.0-13.1.4','12.1.0-12.1.6','11.6.1-11.6.5'\n ],\n }\n};\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n set_kb_item(name:'www/0/XSS', value:TRUE);\n var extra = NULL;\n if (report_verbosity > 0) extra = bigip_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n}\nelse\n{\n var tested = bigip_get_tested_modules();\n var audit_extra = 'For BIG-IP module(s) ' + tested + ',';\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, 'running any of the affected modules');\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-01-11T14:53:10", "description": "The version of F5 Networks BIG-IP installed on the remote host is prior to 16.0.1.2 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K05043394 advisory.\n\n - On version 16.0.x before 16.0.1.2, when a BIG-IP ASM and DataSafe profile are configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note:\n Software versions which have reached End of Technical Support (EoTS) are not evaluated. (CVE-2021-23036)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-25T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : TMM vulnerability (K05043394)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23036"], "modified": "2021-10-28T00:00:00", "cpe": ["cpe:/a:f5:big-ip_application_security_manager", "cpe:/h:f5:big-ip"], "id": "F5_BIGIP_SOL05043394.NASL", "href": "https://www.tenable.com/plugins/nessus/152819", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K05043394.\n#\n# @NOAGENT@\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(152819);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/28\");\n\n script_cve_id(\"CVE-2021-23036\");\n script_xref(name:\"IAVA\", value:\"2021-A-0394\");\n\n script_name(english:\"F5 Networks BIG-IP : TMM vulnerability (K05043394)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of F5 Networks BIG-IP installed on the remote host is prior to 16.0.1.2 / 16.1.0. It is, therefore, affected\nby a vulnerability as referenced in the K05043394 advisory.\n\n - On version 16.0.x before 16.0.1.2, when a BIG-IP ASM and DataSafe profile are configured on a virtual\n server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note:\n Software versions which have reached End of Technical Support (EoTS) are not evaluated. (CVE-2021-23036)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.f5.com/csp/article/K05043394\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5 Solution K05043394.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-23036\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/08/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/08/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/08/25\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude('f5_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar version = get_kb_item('Host/BIG-IP/version');\nif ( ! version ) audit(AUDIT_OS_NOT, 'F5 Networks BIG-IP');\nif ( isnull(get_kb_item('Host/BIG-IP/hotfix')) ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/hotfix');\nif ( ! get_kb_item('Host/BIG-IP/modules') ) audit(AUDIT_KB_MISSING, 'Host/BIG-IP/modules');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nvar sol = 'K05043394';\nvar vmatrix = {\n 'ASM': {\n 'affected': [\n '16.0.0-16.0.1'\n ],\n 'unaffected': [\n '16.1.0','16.0.1.2'\n ],\n }\n};\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n var extra = NULL;\n if (report_verbosity > 0) extra = bigip_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n}\nelse\n{\n var tested = bigip_get_tested_modules();\n var audit_extra = 'For BIG-IP module(s) ' + tested + ',';\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, 'running the affected module ASM');\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}]}

F5 Releases Critical Security Patch for BIG-IP and BIG-IQ Devices

Description

Related