{"vulnerability": "CVE-2021-2303", "sightings": [{"uuid": "6388746b-a180-44ee-9cb4-b44b87e3d235", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2021-23031", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=636", "content": "", "creation_timestamp": "2021-08-26T04:00:00.000000Z"}, {"uuid": "1b3dc465-10f4-4a35-ac94-d66eb4bf4410", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-23031", "type": "seen", "source": "https://t.me/CyberGovIL/1320", "content": "\u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05d1\u05de\u05d5\u05e6\u05e8\u05d9 BigIP/BigIQ \u05e9\u05dc \u05d7\u05d1\u05e8\u05ea Com8765 |  F5\n\n\u05d7\u05d1\u05e8\u05ea F5 \u05e4\u05e8\u05e1\u05de\u05d4 \u05dc\u05d0\u05d7\u05e8\u05d5\u05e0\u05d4 \u05d4\u05ea\u05e8\u05e2\u05d5\u05ea \u05d0\u05d1\u05d8\u05d7\u05d4 \u05e2\u05d1\u05d5\u05e8 29 \u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05e9\u05d4\u05ea\u05d2\u05dc\u05d5 \u05d1\u05e6\u05d9\u05d5\u05d3 \u05de\u05e1\u05d5\u05d2 BigIP/BigIQ \u05de\u05ea\u05d5\u05e6\u05e8\u05ea\u05d4.\n\n13 \u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05de\u05e1\u05d5\u05d5\u05d2\u05d5\u05ea \u05d1\u05e1\u05d9\u05d5\u05d5\u05d2 \u05d2\u05d1\u05d5\u05d4. \u05de\u05ea\u05d5\u05db\u05df, \u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05d0\u05d7\u05ea \u05e2\u05dc\u05d5\u05dc\u05d4 \u05dc\u05d4\u05d9\u05d5\u05ea \u05e7\u05e8\u05d9\u05d8\u05d9\u05ea \u05d1\u05d4\u05d9\u05e0\u05ea\u05df \u05d4\u05e4\u05e2\u05dc\u05d4 \u05e9\u05dc \u05d4\u05e6\u05d9\u05d5\u05d3 \u05d1-Appliance Mode (CVE-2021-23031).\n\n\u05de\u05d5\u05de\u05dc\u05e5 \u05dc\u05d1\u05d7\u05d5\u05df \u05d0\u05ea \u05e2\u05d3\u05db\u05d5\u05e0\u05d9 \u05d4\u05d0\u05d1\u05d8\u05d7\u05d4 \u05d4\u05e8\u05dc\u05d5\u05d5\u05e0\u05d8\u05d9\u05d9\u05dd \u05dc\u05e6\u05d9\u05d5\u05d3 \u05e9\u05d1\u05e8\u05e9\u05d5\u05ea\u05db\u05dd, \u05d5\u05dc\u05d4\u05ea\u05e7\u05d9\u05e0\u05dd \u05d1\u05d4\u05e7\u05d3\u05dd \u05d4\u05d0\u05e4\u05e9\u05e8\u05d9.", "creation_timestamp": "2021-08-29T12:28:19.000000Z"}, {"uuid": "5735523a-75e9-421e-80ec-b797e88fdd5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-23031", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityIL/4999", "content": "\u05d7\u05d5\u05dc\u05e9\u05d4 \u05e7\u05e8\u05d9\u05d8\u05d9\u05ea \u05d1\u05de\u05d5\u05e6\u05e8\u05d9 F5 \u05de\u05d0\u05e4\u05e9\u05e8\u05ea \u05dc\u05ea\u05d5\u05e7\u05e3, \u05e9\u05d4\u05e6\u05dc\u05d9\u05d7 \u05dc\u05e2\u05d1\u05d5\u05e8 \u05ea\u05d4\u05dc\u05d9\u05da \u05d4\u05d6\u05d3\u05d4\u05d5\u05ea \u05dc\u05de\u05e2\u05e8\u05db\u05ea, \u05dc\u05e7\u05d1\u05dc \u05d2\u05d9\u05e9\u05ea \u05e0\u05d9\u05d4\u05d5\u05dc \u05de\u05dc\u05d0\u05d4.\n\n\u05d4\u05d7\u05d5\u05dc\u05e9\u05d4 \u05e4\u05d5\u05e8\u05e1\u05de\u05d4 \u05d1\u05de\u05e1\u05d2\u05e8\u05ea \u05d4\u05e2\u05d3\u05db\u05d5\u05df \u05e9\u05e4\u05d9\u05e8\u05e1\u05de\u05d4 \u05d4\u05d7\u05d5\u05d3\u05e9 \u05d7\u05d1\u05e8\u05ea F5 \u05d4\u05db\u05d5\u05dc\u05dc \u05d8\u05d9\u05e4\u05d5\u05dc \u05d1-30 \u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05e9\u05d5\u05e0\u05d5\u05ea.\n\u05d4\u05d7\u05d5\u05dc\u05e9\u05d4 \u05d4\u05e7\u05e8\u05d9\u05d8\u05d9\u05ea (CVE-2021-23031) \u05e8\u05dc\u05d5\u05d5\u05e0\u05d8\u05d9\u05ea \u05dc\u05de\u05d5\u05e6\u05e8\u05d9 WAF \u05d5-ASM \u05d5\u05ea\u05e7\u05e4\u05d4 \u05d2\u05dd \u05d1\u05de\u05db\u05d5\u05e0\u05d5\u05ea \u05d5\u05d9\u05e8\u05d8\u05d5\u05d0\u05dc\u05d9\u05d5\u05ea \u05d5\u05d2\u05dd \u05d1\u05de\u05db\u05d5\u05e0\u05d5\u05ea \u05e4\u05d9\u05d6\u05d9\u05d5\u05ea.\n\n\u05d4\u05e4\u05e8\u05e1\u05d5\u05dd \u05e9\u05dc \u05d7\u05d1\u05e8\u05ea F5 \u05db\u05d5\u05dc\u05dc \u05d4\u05d2\u05e8\u05e1\u05d0\u05d5\u05ea \u05d4\u05ea\u05e7\u05d9\u05e0\u05d5\u05ea \u05de\u05e4\u05d5\u05e8\u05e1\u05dd \u05db\u05d0\u05df\n\nhttps://t.me/CyberSecurityIL/1263\n\nhttps://www.bleepingcomputer.com/news/security/critical-f5-big-ip-bug-impacts-customers-in-sensitive-sectors/", "creation_timestamp": "2021-08-26T11:47:18.000000Z"}, {"uuid": "faca56b4-6533-41c8-9e17-10822b73aa55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-23030", "type": "seen", "source": "https://t.me/cibsecurity/28855", "content": "\u203c CVE-2021-23030 \u203c\n\nOn BIG-IP Advanced WAF and BIG-IP ASM version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.3, 13.1.x before 13.1.4.1, and all versions of 12.1.x, when a WebSocket profile is configured on a virtual server, undisclosed requests can cause bd to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-15T00:21:58.000000Z"}, {"uuid": "aa0bc2eb-4167-4362-8b98-aae67bc8ed91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-23032", "type": "seen", "source": "https://t.me/cibsecurity/28845", "content": "\u203c CVE-2021-23032 \u203c\n\nOn version 16.x before 16.1.0, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.4, and all versions of 13.1.x and 12.1.x, when a BIG-IP DNS system is configured with non-default Wide IP and pool settings, undisclosed DNS responses can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-14T22:23:29.000000Z"}, {"uuid": "eeb921c5-2e46-40dc-8c6c-d4fde0aaee6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-23037", "type": "seen", "source": "https://t.me/cibsecurity/28844", "content": "\u203c CVE-2021-23037 \u203c\n\nOn all versions of 16.1.x, 16.0.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x, a reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-14T22:23:28.000000Z"}, {"uuid": "97478c99-0fc7-4d68-b83c-460461910af1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-23036", "type": "seen", "source": "https://t.me/cibsecurity/28843", "content": "\u203c CVE-2021-23036 \u203c\n\nOn version 16.0.x before 16.0.1.2, when a BIG-IP ASM and DataSafe profile are configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-14T22:23:27.000000Z"}, {"uuid": "bb1baee6-99ef-4874-b712-d62beea38532", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-23038", "type": "seen", "source": "https://t.me/cibsecurity/28836", "content": "\u203c CVE-2021-23038 \u203c\n\nOn version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.2, 13.1.x before 13.1.4.1, and all versions of 12.1.x, a stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-14T22:23:17.000000Z"}, {"uuid": "7d87c789-e723-431f-af58-6f9951956a88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-23031", "type": "seen", "source": "https://t.me/cibsecurity/28838", "content": "\u203c CVE-2021-23031 \u203c\n\nOn version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.4.1, 13.1.x before 13.1.4, 12.1.x before 12.1.6, and 11.6.x before 11.6.5.3, an authenticated user may perform a privilege escalation on the BIG-IP Advanced WAF and ASM Configuration utility. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-14T22:23:20.000000Z"}, {"uuid": "5f049712-d011-4f62-a1d5-f70a80c857d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-23033", "type": "seen", "source": "https://t.me/cibsecurity/28837", "content": "\u203c CVE-2021-23033 \u203c\n\nOn BIG-IP Advanced WAF and BIG-IP ASM version 16.x before 16.1.0x, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.3, 13.1.x before 13.1.4.1, and all versions of 12.1.x, when a WebSocket profile is configured on a virtual server, undisclosed requests can cause bd to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-14T22:23:18.000000Z"}, {"uuid": "80dd37f1-7094-4d02-83fd-b13369f38ba1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-23039", "type": "seen", "source": "https://t.me/cibsecurity/28841", "content": "\u203c CVE-2021-23039 \u203c\n\nOn version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.2.8, and all versions of 13.1.x and 12.1.x, when IPSec is configured on a BIG-IP system, undisclosed requests from an authorized remote (IPSec) peer, which already has a negotiated Security Association, can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-14T22:23:24.000000Z"}, {"uuid": "f9a5738a-0a65-4c00-b8fe-1e03c5e15e08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-23034", "type": "seen", "source": "https://t.me/cibsecurity/28840", "content": "\u203c CVE-2021-23034 \u203c\n\nOn BIG-IP version 16.x before 16.1.0 and 15.1.x before 15.1.3.1, when a DNS profile using a DNS cache resolver is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) process to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-14T22:23:22.000000Z"}, {"uuid": "c5e6a24e-f1aa-491f-80d2-7975751d811a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-23035", "type": "seen", "source": "https://t.me/cibsecurity/28839", "content": "\u203c CVE-2021-23035 \u203c\n\nOn BIG-IP 14.1.x before 14.1.4.4, when an HTTP profile is configured on a virtual server, after a specific sequence of packets, chunked responses can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-14T22:23:21.000000Z"}]}