CVE-2021-22979
Vulnerability from cvelistv5
Published
2021-02-12 17:55
Modified
2024-08-03 18:58
Severity ?
EPSS score ?
Summary
On BIG-IP version 16.0.x before 16.0.1, 15.1.x before 15.1.1, 14.1.x before 14.1.2.8, 13.1.x before 13.1.3.5, and all 12.1.x versions, a reflected Cross-Site Scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility when Fraud Protection Service is provisioned and allows an attacker to execute JavaScript in the context of the current logged-in user. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| f5sirt@f5.com | https://support.f5.com/csp/article/K63497634 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K63497634 | Vendor Advisory |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:58:26.161Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K63497634"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIG-IP",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "16.0.x before 16.0.1, 15.1.x before 15.1.1, 14.1.x before 14.1.2.8, 13.1.x before 13.1.3.5, and all 12.1.x versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "On BIG-IP version 16.0.x before 16.0.1, 15.1.x before 15.1.1, 14.1.x before 14.1.2.8, 13.1.x before 13.1.3.5, and all 12.1.x versions, a reflected Cross-Site Scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility when Fraud Protection Service is provisioned and allows an attacker to execute JavaScript in the context of the current logged-in user. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "XSS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-12T17:55:15",
"orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"shortName": "f5"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.f5.com/csp/article/K63497634"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "f5sirt@f5.com",
"ID": "CVE-2021-22979",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIG-IP",
"version": {
"version_data": [
{
"version_value": "16.0.x before 16.0.1, 15.1.x before 15.1.1, 14.1.x before 14.1.2.8, 13.1.x before 13.1.3.5, and all 12.1.x versions"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "On BIG-IP version 16.0.x before 16.0.1, 15.1.x before 15.1.1, 14.1.x before 14.1.2.8, 13.1.x before 13.1.3.5, and all 12.1.x versions, a reflected Cross-Site Scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility when Fraud Protection Service is provisioned and allows an attacker to execute JavaScript in the context of the current logged-in user. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.f5.com/csp/article/K63497634",
"refsource": "MISC",
"url": "https://support.f5.com/csp/article/K63497634"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"assignerShortName": "f5",
"cveId": "CVE-2021-22979",
"datePublished": "2021-02-12T17:55:15",
"dateReserved": "2021-01-06T00:00:00",
"dateUpdated": "2024-08-03T18:58:26.161Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"12.1.0\", \"versionEndIncluding\": \"12.1.5\", \"matchCriteriaId\": \"6C3B5688-0235-4D4F-A26C-440FF24A1B43\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndExcluding\": \"13.1.3.5\", \"matchCriteriaId\": \"92233BA4-276B-46F4-94E2-423B8EB2074D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndExcluding\": \"14.1.2.8\", \"matchCriteriaId\": \"874C243A-5A16-4942-AE90-A1B0D4078192\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.1\", \"matchCriteriaId\": \"C0F7F86F-EB88-44C8-83A4-2FC48CF39B73\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.0.0\", \"versionEndExcluding\": \"16.0.1\", \"matchCriteriaId\": \"3F3F98DD-C142-4030-AD11-A3129D5FFEA9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"12.1.0\", \"versionEndIncluding\": \"12.1.5\", \"matchCriteriaId\": \"151ED6D1-AA85-4213-8F3A-8167CBEC4721\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndExcluding\": \"13.1.3.5\", \"matchCriteriaId\": \"29AE9C3B-C87C-4D48-8C74-A25CE73C3C97\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndExcluding\": \"14.1.2.8\", \"matchCriteriaId\": \"81A56F9E-5939-4252-8643-0F768AE39E79\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.1\", \"matchCriteriaId\": \"60500DD5-0163-40B8-961B-64E1634B456F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.0.0\", \"versionEndExcluding\": \"16.0.1\", \"matchCriteriaId\": \"1247022A-F95F-4DF6-87AC-2E6757B01DC3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"12.1.0\", \"versionEndIncluding\": \"12.1.5\", \"matchCriteriaId\": \"322AA283-E494-45E0-975E-2725E2FCC2DE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndExcluding\": \"13.1.3.5\", \"matchCriteriaId\": \"6DED2933-E11F-4C59-9DEC-9C8A563EB324\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndExcluding\": \"14.1.2.8\", \"matchCriteriaId\": \"89BDE0D7-10DF-4A47-8127-2674861F5D9E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.1\", \"matchCriteriaId\": \"AA0EA8E7-D84B-4C28-8D90-9A1EF9F6778F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.0.0\", \"versionEndExcluding\": \"16.0.1\", \"matchCriteriaId\": \"F7034BE5-23A6-47FA-9D80-3F3CF29DA2B5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"12.1.0\", \"versionEndIncluding\": \"12.1.5\", \"matchCriteriaId\": \"5D5AA99B-08E7-4959-A3B4-41AA527B4B22\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndExcluding\": \"13.1.3.5\", \"matchCriteriaId\": \"46362DA5-7B1C-4944-9B16-7C46FCB091EE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndExcluding\": \"14.1.2.8\", \"matchCriteriaId\": \"350E17D3-C6D3-407F-B413-0D3D07A9A735\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.1\", \"matchCriteriaId\": \"4B62CF9F-F861-4AA3-9B2C-EDDA465BA06A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.0.0\", \"versionEndExcluding\": \"16.0.1\", \"matchCriteriaId\": \"F491CF7C-EC9A-4413-9B84-459FE83E0AF5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"12.1.0\", \"versionEndIncluding\": \"12.1.5\", \"matchCriteriaId\": \"9DC86A5F-C793-4848-901F-04BFB57A07F6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndExcluding\": \"13.1.3.5\", \"matchCriteriaId\": \"FD000EE7-2559-4D41-8DFD-2358F24EA804\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndExcluding\": \"14.1.2.8\", \"matchCriteriaId\": \"AF90FBA3-69FA-4053-A749-E7F635A284C1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.1\", \"matchCriteriaId\": \"4770A77A-13EF-4E35-B006-48018F617FAA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.0.0\", \"versionEndExcluding\": \"16.0.1\", \"matchCriteriaId\": \"D54A135F-CD1E-41AD-82C3-F15A21AA87BE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"12.1.0\", \"versionEndIncluding\": \"12.1.5\", \"matchCriteriaId\": \"2E5552A3-91CD-4B97-AD33-4F1FB4C8827A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndExcluding\": \"13.1.3.5\", \"matchCriteriaId\": \"A4AFCA70-BF3B-41DA-B0DE-03E91F3B372A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndExcluding\": \"14.1.2.8\", \"matchCriteriaId\": \"A76C1855-461C-4539-98CD-C22363B8AFE8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.1\", \"matchCriteriaId\": \"FDD7AFF9-61D8-4D1B-BAD6-F74AD0CD364E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.0.0\", \"versionEndExcluding\": \"16.0.1\", \"matchCriteriaId\": \"C3B360C4-C9E2-4889-ADD5-3482E69BA8E7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"12.1.0\", \"versionEndIncluding\": \"12.1.5\", \"matchCriteriaId\": \"2E42E5C6-2E8F-4879-A5A9-3FE8422D0445\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndExcluding\": \"13.1.3.5\", \"matchCriteriaId\": \"6E3A8E8E-E758-43F1-889B-58B171DBCE18\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndExcluding\": \"14.1.2.8\", \"matchCriteriaId\": \"6B51EF9A-7E41-4932-8FC5-CF4A056AD017\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.1\", \"matchCriteriaId\": \"63956262-A3D2-4D99-B710-E924277732DC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.0.0\", \"versionEndExcluding\": \"16.0.1\", \"matchCriteriaId\": \"3448CBCB-D42E-4DAA-A52F-4225B2EB022A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"12.1.0\", \"versionEndIncluding\": \"12.1.5\", \"matchCriteriaId\": \"55C2EC23-E78F-4447-BACF-21FC36ABF155\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndExcluding\": \"13.1.3.5\", \"matchCriteriaId\": \"E25DC6CD-8A17-4C18-A8DA-CC7BD131812D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndExcluding\": \"14.1.2.8\", \"matchCriteriaId\": \"786C0192-BC78-463F-8305-E890F63F153B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.1\", \"matchCriteriaId\": \"61441082-FDA0-485E-B945-E6216DCCED43\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.0.0\", \"versionEndExcluding\": \"16.0.1\", \"matchCriteriaId\": \"B7466098-C689-4E4B-879F-0433A020FDBC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"12.1.0\", \"versionEndIncluding\": \"12.1.5\", \"matchCriteriaId\": \"945A19E8-51EB-42FE-9BF1-12DAC78B5286\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndExcluding\": \"13.1.3.5\", \"matchCriteriaId\": \"BA52F4CD-599A-4FAB-B172-80156A9A409D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndExcluding\": \"14.1.2.8\", \"matchCriteriaId\": \"3798475B-3AA3-4DA2-A933-D49024C5C8C3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.1\", \"matchCriteriaId\": \"DAB5474D-11C7-4CA1-9386-8F12FD95CCB6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.0.0\", \"versionEndExcluding\": \"16.0.1\", \"matchCriteriaId\": \"574397F4-0234-48D3-B024-D7963A41E21C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"12.1.0\", \"versionEndIncluding\": \"12.1.5\", \"matchCriteriaId\": \"EB5007D0-BBDB-4D74-9C88-98FBA74757D1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndExcluding\": \"13.1.3.5\", \"matchCriteriaId\": \"CA7122D0-588F-4D3E-B4D7-086413255E7C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndExcluding\": \"14.1.2.8\", \"matchCriteriaId\": \"50DCC8F9-3393-4131-9B85-EBC2F9EEF4D1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.1\", \"matchCriteriaId\": \"B5F5C326-1BCE-47FC-A334-B485C755AAE6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.0.0\", \"versionEndExcluding\": \"16.0.1\", \"matchCriteriaId\": \"EB7047B3-A248-424C-98D8-A0DD99A86F50\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"12.1.0\", \"versionEndIncluding\": \"12.1.5\", \"matchCriteriaId\": \"B7725810-66D2-4460-A174-9F3BFAD966F2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndExcluding\": \"13.1.3.5\", \"matchCriteriaId\": \"FFDEE0E6-3A43-40C5-896B-A993CEC4A868\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndExcluding\": \"14.1.2.8\", \"matchCriteriaId\": \"75AB65FB-DC81-4F50-BC2A-BCAD1EC22635\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.1\", \"matchCriteriaId\": \"0E48624E-6D03-423A-9232-6847E4A0AAFB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.0.0\", \"versionEndExcluding\": \"16.0.1\", \"matchCriteriaId\": \"15439AAC-1535-4087-9170-C885716736F4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"12.1.0\", \"versionEndIncluding\": \"12.1.5\", \"matchCriteriaId\": \"EFD760FE-4347-4D36-B5C6-4009398060F2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndExcluding\": \"13.1.3.5\", \"matchCriteriaId\": \"505AA546-BE89-4BE2-8C6D-6E487716A429\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndExcluding\": \"14.1.2.8\", \"matchCriteriaId\": \"66B64305-66FB-4C99-BD1A-BFE7BE23EE87\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.1\", \"matchCriteriaId\": \"FD2B708E-78D3-4016-9176-C364CBE20DA8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.0.0\", \"versionEndExcluding\": \"16.0.1\", \"matchCriteriaId\": \"4F9D19B2-1D89-4917-A82E-289EDE52C68F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"12.1.0\", \"versionEndIncluding\": \"12.1.5\", \"matchCriteriaId\": \"65B76F53-7D8B-477E-8B6E-91AC0A9009FF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndExcluding\": \"13.1.3.5\", \"matchCriteriaId\": \"C30C3FE3-BBA8-4CE4-BEE7-82A24F64FE7C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndExcluding\": \"14.1.2.8\", \"matchCriteriaId\": \"8134C56F-5979-4501-99BC-40A9921EAAE3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.1\", \"matchCriteriaId\": \"240E6558-C486-4FEB-A7AC-CCB3692D4331\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.0.0\", \"versionEndExcluding\": \"16.0.1\", \"matchCriteriaId\": \"E0319299-FCCE-4B8F-8DB5-83AF0C3D68D5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"12.1.0\", \"versionEndIncluding\": \"12.1.5\", \"matchCriteriaId\": \"440C631C-1C66-4A26-BE28-D3D1CCC4AD2F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndExcluding\": \"13.1.3.5\", \"matchCriteriaId\": \"40F9AD60-A67D-444C-83BE-11D2F7814572\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndExcluding\": \"14.1.2.8\", \"matchCriteriaId\": \"DB4A0FA4-0B86-48F9-BDC7-DD11081B9C75\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.1\", \"matchCriteriaId\": \"730C6B1F-6C5F-4ED3-AE0B-1E8C4B273734\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.0.0\", \"versionEndExcluding\": \"16.0.1\", \"matchCriteriaId\": \"21471F72-32D3-4D10-B261-731699D0619F\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"On BIG-IP version 16.0.x before 16.0.1, 15.1.x before 15.1.1, 14.1.x before 14.1.2.8, 13.1.x before 13.1.3.5, and all 12.1.x versions, a reflected Cross-Site Scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility when Fraud Protection Service is provisioned and allows an attacker to execute JavaScript in the context of the current logged-in user. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.\"}, {\"lang\": \"es\", \"value\": \"En BIG-IP versiones 16.0.x anteriores a 16.0.1, versiones 15.1.x anteriores a 15.1.1, versiones 14.1.x anteriores a 14.1.2.8, versiones 13.1.x anteriores a 13.1.3.5 y todas las versiones de 12.1.x, una vulnerabilidad de tipo Cross-Site Scripting (XSS) reflejado se presenta en una p\\u00e1gina no revelada de la utilidad de Configuraci\\u00f3n de BIG-IP cuando Fraud Protection Service es aprovisionado y permite a un atacante ejecutar JavaScript en el contexto del usuario que ha iniciado sesi\\u00f3n actualmente.\u0026#xa0;Nota: No son evaluadas las versiones de software que han alcanzado End of Software Development (EoSD)\"}]",
"id": "CVE-2021-22979",
"lastModified": "2024-11-21T05:51:03.523",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\", \"baseScore\": 6.1, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 2.7}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:P/A:N\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
"published": "2021-02-12T18:15:12.673",
"references": "[{\"url\": \"https://support.f5.com/csp/article/K63497634\", \"source\": \"f5sirt@f5.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://support.f5.com/csp/article/K63497634\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "f5sirt@f5.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2021-22979\",\"sourceIdentifier\":\"f5sirt@f5.com\",\"published\":\"2021-02-12T18:15:12.673\",\"lastModified\":\"2024-11-21T05:51:03.523\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"On BIG-IP version 16.0.x before 16.0.1, 15.1.x before 15.1.1, 14.1.x before 14.1.2.8, 13.1.x before 13.1.3.5, and all 12.1.x versions, a reflected Cross-Site Scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility when Fraud Protection Service is provisioned and allows an attacker to execute JavaScript in the context of the current logged-in user. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.\"},{\"lang\":\"es\",\"value\":\"En BIG-IP versiones 16.0.x anteriores a 16.0.1, versiones 15.1.x anteriores a 15.1.1, versiones 14.1.x anteriores a 14.1.2.8, versiones 13.1.x anteriores a 13.1.3.5 y todas las versiones de 12.1.x, una vulnerabilidad de tipo Cross-Site Scripting (XSS) reflejado se presenta en una p\u00e1gina no revelada de la utilidad de Configuraci\u00f3n de BIG-IP cuando Fraud Protection Service es aprovisionado y permite a un atacante ejecutar JavaScript en el contexto del usuario que ha iniciado sesi\u00f3n actualmente.\u0026#xa0;Nota: No son evaluadas las versiones de software que han alcanzado End of Software Development (EoSD)\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndIncluding\":\"12.1.5\",\"matchCriteriaId\":\"6C3B5688-0235-4D4F-A26C-440FF24A1B43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndExcluding\":\"13.1.3.5\",\"matchCriteriaId\":\"92233BA4-276B-46F4-94E2-423B8EB2074D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndExcluding\":\"14.1.2.8\",\"matchCriteriaId\":\"874C243A-5A16-4942-AE90-A1B0D4078192\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.1\",\"matchCriteriaId\":\"C0F7F86F-EB88-44C8-83A4-2FC48CF39B73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.0.0\",\"versionEndExcluding\":\"16.0.1\",\"matchCriteriaId\":\"3F3F98DD-C142-4030-AD11-A3129D5FFEA9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndIncluding\":\"12.1.5\",\"matchCriteriaId\":\"151ED6D1-AA85-4213-8F3A-8167CBEC4721\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndExcluding\":\"13.1.3.5\",\"matchCriteriaId\":\"29AE9C3B-C87C-4D48-8C74-A25CE73C3C97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndExcluding\":\"14.1.2.8\",\"matchCriteriaId\":\"81A56F9E-5939-4252-8643-0F768AE39E79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.1\",\"matchCriteriaId\":\"60500DD5-0163-40B8-961B-64E1634B456F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.0.0\",\"versionEndExcluding\":\"16.0.1\",\"matchCriteriaId\":\"1247022A-F95F-4DF6-87AC-2E6757B01DC3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndIncluding\":\"12.1.5\",\"matchCriteriaId\":\"322AA283-E494-45E0-975E-2725E2FCC2DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndExcluding\":\"13.1.3.5\",\"matchCriteriaId\":\"6DED2933-E11F-4C59-9DEC-9C8A563EB324\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndExcluding\":\"14.1.2.8\",\"matchCriteriaId\":\"89BDE0D7-10DF-4A47-8127-2674861F5D9E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.1\",\"matchCriteriaId\":\"AA0EA8E7-D84B-4C28-8D90-9A1EF9F6778F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.0.0\",\"versionEndExcluding\":\"16.0.1\",\"matchCriteriaId\":\"F7034BE5-23A6-47FA-9D80-3F3CF29DA2B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndIncluding\":\"12.1.5\",\"matchCriteriaId\":\"5D5AA99B-08E7-4959-A3B4-41AA527B4B22\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndExcluding\":\"13.1.3.5\",\"matchCriteriaId\":\"46362DA5-7B1C-4944-9B16-7C46FCB091EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndExcluding\":\"14.1.2.8\",\"matchCriteriaId\":\"350E17D3-C6D3-407F-B413-0D3D07A9A735\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.1\",\"matchCriteriaId\":\"4B62CF9F-F861-4AA3-9B2C-EDDA465BA06A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.0.0\",\"versionEndExcluding\":\"16.0.1\",\"matchCriteriaId\":\"F491CF7C-EC9A-4413-9B84-459FE83E0AF5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndIncluding\":\"12.1.5\",\"matchCriteriaId\":\"9DC86A5F-C793-4848-901F-04BFB57A07F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndExcluding\":\"13.1.3.5\",\"matchCriteriaId\":\"FD000EE7-2559-4D41-8DFD-2358F24EA804\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndExcluding\":\"14.1.2.8\",\"matchCriteriaId\":\"AF90FBA3-69FA-4053-A749-E7F635A284C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.1\",\"matchCriteriaId\":\"4770A77A-13EF-4E35-B006-48018F617FAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.0.0\",\"versionEndExcluding\":\"16.0.1\",\"matchCriteriaId\":\"D54A135F-CD1E-41AD-82C3-F15A21AA87BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndIncluding\":\"12.1.5\",\"matchCriteriaId\":\"2E5552A3-91CD-4B97-AD33-4F1FB4C8827A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndExcluding\":\"13.1.3.5\",\"matchCriteriaId\":\"A4AFCA70-BF3B-41DA-B0DE-03E91F3B372A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndExcluding\":\"14.1.2.8\",\"matchCriteriaId\":\"A76C1855-461C-4539-98CD-C22363B8AFE8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.1\",\"matchCriteriaId\":\"FDD7AFF9-61D8-4D1B-BAD6-F74AD0CD364E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.0.0\",\"versionEndExcluding\":\"16.0.1\",\"matchCriteriaId\":\"C3B360C4-C9E2-4889-ADD5-3482E69BA8E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndIncluding\":\"12.1.5\",\"matchCriteriaId\":\"2E42E5C6-2E8F-4879-A5A9-3FE8422D0445\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndExcluding\":\"13.1.3.5\",\"matchCriteriaId\":\"6E3A8E8E-E758-43F1-889B-58B171DBCE18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndExcluding\":\"14.1.2.8\",\"matchCriteriaId\":\"6B51EF9A-7E41-4932-8FC5-CF4A056AD017\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.1\",\"matchCriteriaId\":\"63956262-A3D2-4D99-B710-E924277732DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.0.0\",\"versionEndExcluding\":\"16.0.1\",\"matchCriteriaId\":\"3448CBCB-D42E-4DAA-A52F-4225B2EB022A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndIncluding\":\"12.1.5\",\"matchCriteriaId\":\"55C2EC23-E78F-4447-BACF-21FC36ABF155\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndExcluding\":\"13.1.3.5\",\"matchCriteriaId\":\"E25DC6CD-8A17-4C18-A8DA-CC7BD131812D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndExcluding\":\"14.1.2.8\",\"matchCriteriaId\":\"786C0192-BC78-463F-8305-E890F63F153B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.1\",\"matchCriteriaId\":\"61441082-FDA0-485E-B945-E6216DCCED43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.0.0\",\"versionEndExcluding\":\"16.0.1\",\"matchCriteriaId\":\"B7466098-C689-4E4B-879F-0433A020FDBC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndIncluding\":\"12.1.5\",\"matchCriteriaId\":\"945A19E8-51EB-42FE-9BF1-12DAC78B5286\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndExcluding\":\"13.1.3.5\",\"matchCriteriaId\":\"BA52F4CD-599A-4FAB-B172-80156A9A409D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndExcluding\":\"14.1.2.8\",\"matchCriteriaId\":\"3798475B-3AA3-4DA2-A933-D49024C5C8C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.1\",\"matchCriteriaId\":\"DAB5474D-11C7-4CA1-9386-8F12FD95CCB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.0.0\",\"versionEndExcluding\":\"16.0.1\",\"matchCriteriaId\":\"574397F4-0234-48D3-B024-D7963A41E21C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndIncluding\":\"12.1.5\",\"matchCriteriaId\":\"EB5007D0-BBDB-4D74-9C88-98FBA74757D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndExcluding\":\"13.1.3.5\",\"matchCriteriaId\":\"CA7122D0-588F-4D3E-B4D7-086413255E7C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndExcluding\":\"14.1.2.8\",\"matchCriteriaId\":\"50DCC8F9-3393-4131-9B85-EBC2F9EEF4D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.1\",\"matchCriteriaId\":\"B5F5C326-1BCE-47FC-A334-B485C755AAE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.0.0\",\"versionEndExcluding\":\"16.0.1\",\"matchCriteriaId\":\"EB7047B3-A248-424C-98D8-A0DD99A86F50\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndIncluding\":\"12.1.5\",\"matchCriteriaId\":\"B7725810-66D2-4460-A174-9F3BFAD966F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndExcluding\":\"13.1.3.5\",\"matchCriteriaId\":\"FFDEE0E6-3A43-40C5-896B-A993CEC4A868\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndExcluding\":\"14.1.2.8\",\"matchCriteriaId\":\"75AB65FB-DC81-4F50-BC2A-BCAD1EC22635\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.1\",\"matchCriteriaId\":\"0E48624E-6D03-423A-9232-6847E4A0AAFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.0.0\",\"versionEndExcluding\":\"16.0.1\",\"matchCriteriaId\":\"15439AAC-1535-4087-9170-C885716736F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndIncluding\":\"12.1.5\",\"matchCriteriaId\":\"EFD760FE-4347-4D36-B5C6-4009398060F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndExcluding\":\"13.1.3.5\",\"matchCriteriaId\":\"505AA546-BE89-4BE2-8C6D-6E487716A429\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndExcluding\":\"14.1.2.8\",\"matchCriteriaId\":\"66B64305-66FB-4C99-BD1A-BFE7BE23EE87\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.1\",\"matchCriteriaId\":\"FD2B708E-78D3-4016-9176-C364CBE20DA8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.0.0\",\"versionEndExcluding\":\"16.0.1\",\"matchCriteriaId\":\"4F9D19B2-1D89-4917-A82E-289EDE52C68F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndIncluding\":\"12.1.5\",\"matchCriteriaId\":\"65B76F53-7D8B-477E-8B6E-91AC0A9009FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndExcluding\":\"13.1.3.5\",\"matchCriteriaId\":\"C30C3FE3-BBA8-4CE4-BEE7-82A24F64FE7C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndExcluding\":\"14.1.2.8\",\"matchCriteriaId\":\"8134C56F-5979-4501-99BC-40A9921EAAE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.1\",\"matchCriteriaId\":\"240E6558-C486-4FEB-A7AC-CCB3692D4331\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.0.0\",\"versionEndExcluding\":\"16.0.1\",\"matchCriteriaId\":\"E0319299-FCCE-4B8F-8DB5-83AF0C3D68D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndIncluding\":\"12.1.5\",\"matchCriteriaId\":\"440C631C-1C66-4A26-BE28-D3D1CCC4AD2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndExcluding\":\"13.1.3.5\",\"matchCriteriaId\":\"40F9AD60-A67D-444C-83BE-11D2F7814572\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndExcluding\":\"14.1.2.8\",\"matchCriteriaId\":\"DB4A0FA4-0B86-48F9-BDC7-DD11081B9C75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.1\",\"matchCriteriaId\":\"730C6B1F-6C5F-4ED3-AE0B-1E8C4B273734\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.0.0\",\"versionEndExcluding\":\"16.0.1\",\"matchCriteriaId\":\"21471F72-32D3-4D10-B261-731699D0619F\"}]}]}],\"references\":[{\"url\":\"https://support.f5.com/csp/article/K63497634\",\"source\":\"f5sirt@f5.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.f5.com/csp/article/K63497634\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.