CVE-2021-23012
Vulnerability from cvelistv5
Published
2021-05-10 14:08
Modified
2024-08-03 18:58
Severity ?
Summary
On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.3, 14.1.x before 14.1.4, and 13.1.x before 13.1.4, lack of input validation for items used in the system support functionality may allow users granted either "Resource Administrator" or "Administrator" roles to execute arbitrary bash commands on BIG-IP. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
References
f5sirt@f5.comhttps://support.f5.com/csp/article/K04234247Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/csp/article/K04234247Vendor Advisory
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T18:58:26.265Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K04234247"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "BIG-IP",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "16.0.x before 16.0.1.1, 15.1.x before 15.1.3,\u00a014.1.x before 14.1.4, and 13.1.x before 13.1.4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.3, 14.1.x before 14.1.4, and 13.1.x before 13.1.4, lack of input validation for items used in the system support functionality may allow users granted either \"Resource Administrator\" or \"Administrator\" roles to execute arbitrary bash commands on BIG-IP. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Privilege escalation",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-05-10T14:08:13",
        "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
        "shortName": "f5"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://support.f5.com/csp/article/K04234247"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "f5sirt@f5.com",
          "ID": "CVE-2021-23012",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "BIG-IP",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "16.0.x before 16.0.1.1, 15.1.x before 15.1.3,\u00a014.1.x before 14.1.4, and 13.1.x before 13.1.4"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.3, 14.1.x before 14.1.4, and 13.1.x before 13.1.4, lack of input validation for items used in the system support functionality may allow users granted either \"Resource Administrator\" or \"Administrator\" roles to execute arbitrary bash commands on BIG-IP. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Privilege escalation"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.f5.com/csp/article/K04234247",
              "refsource": "MISC",
              "url": "https://support.f5.com/csp/article/K04234247"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
    "assignerShortName": "f5",
    "cveId": "CVE-2021-23012",
    "datePublished": "2021-05-10T14:08:13",
    "dateReserved": "2021-01-06T00:00:00",
    "dateUpdated": "2024-08-03T18:58:26.265Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndExcluding\": \"13.1.4\", \"matchCriteriaId\": \"0F975B09-678D-49A3-9BCE-C4F3BF45B0BB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndExcluding\": \"14.1.4\", \"matchCriteriaId\": \"FB553A20-D521-4A32-AD49-8FFD5A95E684\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.3\", \"matchCriteriaId\": \"5F04F2FB-12C2-4BC4-AFBB-9DA82E53D7EF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.0.0\", \"versionEndExcluding\": \"16.0.1.1\", \"matchCriteriaId\": \"A7706F70-BF89-480E-9AA6-3FE447375138\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndExcluding\": \"13.1.4\", \"matchCriteriaId\": \"5A3D475E-7F63-4635-A5E4-83141D483E42\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndExcluding\": \"14.1.4\", \"matchCriteriaId\": \"DD3FC6D2-5816-47C0-81AE-DED62570F090\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.3\", \"matchCriteriaId\": \"FA17368C-7B1F-4B73-8296-3FC2656C0F04\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.0.0\", \"versionEndExcluding\": \"16.0.1.1\", \"matchCriteriaId\": \"0A84A8D4-9047-46D2-9C26-03C977D47AE4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndExcluding\": \"13.1.4\", \"matchCriteriaId\": \"5360871B-4642-4FD5-A63E-5B70B7FD7F5F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndIncluding\": \"14.1.4\", \"matchCriteriaId\": \"D2A1BB14-BEB5-43DD-878D-83E51FBFD4E0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.3\", \"matchCriteriaId\": \"55E9A0EB-8118-400B-B901-80A8AAFC212F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.0.0\", \"versionEndExcluding\": \"16.0.1.1\", \"matchCriteriaId\": \"6B9117DA-6AA9-4704-A092-B1D426E6370D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndExcluding\": \"13.1.4\", \"matchCriteriaId\": \"8B4FC017-1567-4D02-A594-7F46090C5828\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndExcluding\": \"14.1.4\", \"matchCriteriaId\": \"F2442894-A473-49A5-95B6-6312C3407FE6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.3\", \"matchCriteriaId\": \"3EC583B6-59E2-431B-A574-0A700F5713A6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.0.0\", \"versionEndExcluding\": \"16.0.1.1\", \"matchCriteriaId\": \"4AE6833C-FF7C-4249-BF98-453645EEF8D9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndExcluding\": \"13.1.4\", \"matchCriteriaId\": \"7816C2AB-A2E1-467B-A865-ED4E5AE6268A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndExcluding\": \"14.1.4\", \"matchCriteriaId\": \"78F5DCAD-BE4E-4D57-82CD-ADAB32691A9E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.3\", \"matchCriteriaId\": \"06D8F5CC-FD05-42EA-A3F2-49BB4A5009F3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.0.0\", \"versionEndExcluding\": \"16.0.1.1\", \"matchCriteriaId\": \"51E3E0A3-8A75-43F8-8E8A-0C07345B88FD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndExcluding\": \"13.1.4\", \"matchCriteriaId\": \"75799571-1EF3-49A1-875D-0E97986BF9D3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndExcluding\": \"14.1.4\", \"matchCriteriaId\": \"8B318D4F-0D42-46CD-A5A9-02337BB1D2F2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.3\", \"matchCriteriaId\": \"23CFD951-1C6F-4EE5-B8AA-06F29744F082\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.0.0\", \"versionEndExcluding\": \"16.0.1.1\", \"matchCriteriaId\": \"7BB77EFF-A064-4475-A93C-5D5BA9313724\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndExcluding\": \"13.1.4\", \"matchCriteriaId\": \"44513347-AC7C-4F28-85FC-3808C8F2446D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndExcluding\": \"14.1.4\", \"matchCriteriaId\": \"AE2899E6-ABEF-4B61-AB8D-AF060D571196\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.3\", \"matchCriteriaId\": \"92C9E947-BEF9-44CF-B129-D2BC0ECD5588\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.0.0\", \"versionEndExcluding\": \"16.0.1.1\", \"matchCriteriaId\": \"40239D12-142E-4D36-A89E-0F7AB91B665A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndExcluding\": \"13.1.4\", \"matchCriteriaId\": \"70C8C72D-B266-4BAD-A3E8-A9BE508D07A1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndExcluding\": \"14.1.4\", \"matchCriteriaId\": \"F7C6025C-7283-4568-929B-CFA11423E179\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.3\", \"matchCriteriaId\": \"E2E2832C-0C5D-4051-A85B-162C5BF11DEE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.0.0\", \"versionEndExcluding\": \"16.0.1.1\", \"matchCriteriaId\": \"87CA1319-92D4-4C2F-B5D4-A2E86F538007\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndExcluding\": \"13.1.4\", \"matchCriteriaId\": \"8700A87A-30F8-4497-B429-2237AC1C064B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndExcluding\": \"14.1.4\", \"matchCriteriaId\": \"BBBAD42C-06D5-437F-AB92-1DCC23C1A78B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.3\", \"matchCriteriaId\": \"247A56A6-5486-49C4-88B1-4251337044AB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.0.0\", \"versionEndExcluding\": \"16.0.1.1\", \"matchCriteriaId\": \"7FE9EF68-055B-40B2-A676-C4C7FAAF77B3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndExcluding\": \"13.1.4\", \"matchCriteriaId\": \"BF3949EF-0D27-4868-B136-996B4D38D9B1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndExcluding\": \"14.1.4\", \"matchCriteriaId\": \"3DB5F9D2-C452-4469-9626-15FA11960A9C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.3\", \"matchCriteriaId\": \"9E599573-DAE5-4481-9BA0-7796D7101E67\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.0.0\", \"versionEndExcluding\": \"16.0.1.1\", \"matchCriteriaId\": \"BD28DA4B-F671-41B8-B231-24D28682FE8F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndExcluding\": \"13.1.4\", \"matchCriteriaId\": \"BF6A13AE-9A16-4A69-A793-21CF85220073\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndExcluding\": \"14.1.4\", \"matchCriteriaId\": \"57388787-F9DF-4930-ACBC-F3D1DAA53190\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.3\", \"matchCriteriaId\": \"D67E4394-E1CC-4492-95E7-DCDA13049517\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.0.0\", \"versionEndExcluding\": \"16.0.1.1\", \"matchCriteriaId\": \"47980A60-F9B6-47EE-AD74-4D6D03A71AD0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndExcluding\": \"13.1.4\", \"matchCriteriaId\": \"87294E83-8020-4904-9244-326FAF3A1E92\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndExcluding\": \"14.1.4\", \"matchCriteriaId\": \"0AF0D639-0210-47D0-8680-6E09F0111D5D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.3\", \"matchCriteriaId\": \"1B6F6F41-B775-4A79-8284-C7BE0DA49DAA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.0.0\", \"versionEndExcluding\": \"16.0.1.1\", \"matchCriteriaId\": \"B0901863-B55A-4C97-B9AC-B537D242D2BF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndExcluding\": \"13.1.4\", \"matchCriteriaId\": \"3F241FCC-B063-46F2-B646-FB093AAFF216\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndExcluding\": \"14.1.4\", \"matchCriteriaId\": \"704DF342-2CB5-4791-BF30-294D07B53653\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.3\", \"matchCriteriaId\": \"50D58AEB-BB36-45A9-99D7-DC028F900707\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.0.0\", \"versionEndExcluding\": \"16.0.1.1\", \"matchCriteriaId\": \"85065C6E-71F2-42B8-A169-51174987B8AF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"13.1.0\", \"versionEndExcluding\": \"13.1.4\", \"matchCriteriaId\": \"0C0A2074-4C85-40B4-9D53-3E848E6D5DDD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.1.0\", \"versionEndExcluding\": \"14.1.4\", \"matchCriteriaId\": \"30CAABDE-CA8C-4F0A-B4D1-0633557AD5E1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.1.0\", \"versionEndExcluding\": \"15.1.3\", \"matchCriteriaId\": \"2F071628-CC1B-4465-933D-7E5302DCC3A2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"16.0.0\", \"versionEndExcluding\": \"16.0.1.1\", \"matchCriteriaId\": \"E4ADE8D9-D1EF-4591-AB3C-93D06BE701EC\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.3, 14.1.x before 14.1.4, and 13.1.x before 13.1.4, lack of input validation for items used in the system support functionality may allow users granted either \\\"Resource Administrator\\\" or \\\"Administrator\\\" roles to execute arbitrary bash commands on BIG-IP. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\"}, {\"lang\": \"es\", \"value\": \"En BIG-IP las versiones 16.0.x anteriores a 16.0.1.1, versiones 15.1.x anteriores a 15.1.3, 14.1.x anteriores a 14.1.4 y versiones 13.1.x anteriores a 13.1.4, falta de validaci\\u00f3n de entrada para los elementos utilizados en la funcionalidad de soporte del sistema puede permitir que los usuarios a los que se les otorguen roles de \\\"Resource Administrator\\\" o \\\"Administrator\\\" ejecutar comandos bash arbitrarios en BIG-IP.\u0026#xa0;Nota: No se eval\\u00faan las versiones de software que hayan alcanzado el End of Technical Support (EoTS)\"}]",
      "id": "CVE-2021-23012",
      "lastModified": "2024-11-21T05:51:08.933",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\", \"baseScore\": 8.2, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.5, \"impactScore\": 6.0}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 7.2, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 3.9, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2021-05-10T15:15:07.427",
      "references": "[{\"url\": \"https://support.f5.com/csp/article/K04234247\", \"source\": \"f5sirt@f5.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://support.f5.com/csp/article/K04234247\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "f5sirt@f5.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-78\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-23012\",\"sourceIdentifier\":\"f5sirt@f5.com\",\"published\":\"2021-05-10T15:15:07.427\",\"lastModified\":\"2024-11-21T05:51:08.933\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.3, 14.1.x before 14.1.4, and 13.1.x before 13.1.4, lack of input validation for items used in the system support functionality may allow users granted either \\\"Resource Administrator\\\" or \\\"Administrator\\\" roles to execute arbitrary bash commands on BIG-IP. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\"},{\"lang\":\"es\",\"value\":\"En BIG-IP las versiones 16.0.x anteriores a 16.0.1.1, versiones 15.1.x anteriores a 15.1.3, 14.1.x anteriores a 14.1.4 y versiones 13.1.x anteriores a 13.1.4, falta de validaci\u00f3n de entrada para los elementos utilizados en la funcionalidad de soporte del sistema puede permitir que los usuarios a los que se les otorguen roles de \\\"Resource Administrator\\\" o \\\"Administrator\\\" ejecutar comandos bash arbitrarios en BIG-IP.\u0026#xa0;Nota: No se eval\u00faan las versiones de software que hayan alcanzado el End of Technical Support (EoTS)\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":8.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.5,\"impactScore\":6.0}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-78\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndExcluding\":\"13.1.4\",\"matchCriteriaId\":\"0F975B09-678D-49A3-9BCE-C4F3BF45B0BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndExcluding\":\"14.1.4\",\"matchCriteriaId\":\"FB553A20-D521-4A32-AD49-8FFD5A95E684\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.3\",\"matchCriteriaId\":\"5F04F2FB-12C2-4BC4-AFBB-9DA82E53D7EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.0.0\",\"versionEndExcluding\":\"16.0.1.1\",\"matchCriteriaId\":\"A7706F70-BF89-480E-9AA6-3FE447375138\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndExcluding\":\"13.1.4\",\"matchCriteriaId\":\"5A3D475E-7F63-4635-A5E4-83141D483E42\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndExcluding\":\"14.1.4\",\"matchCriteriaId\":\"DD3FC6D2-5816-47C0-81AE-DED62570F090\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.3\",\"matchCriteriaId\":\"FA17368C-7B1F-4B73-8296-3FC2656C0F04\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.0.0\",\"versionEndExcluding\":\"16.0.1.1\",\"matchCriteriaId\":\"0A84A8D4-9047-46D2-9C26-03C977D47AE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndExcluding\":\"13.1.4\",\"matchCriteriaId\":\"5360871B-4642-4FD5-A63E-5B70B7FD7F5F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndIncluding\":\"14.1.4\",\"matchCriteriaId\":\"D2A1BB14-BEB5-43DD-878D-83E51FBFD4E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.3\",\"matchCriteriaId\":\"55E9A0EB-8118-400B-B901-80A8AAFC212F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.0.0\",\"versionEndExcluding\":\"16.0.1.1\",\"matchCriteriaId\":\"6B9117DA-6AA9-4704-A092-B1D426E6370D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndExcluding\":\"13.1.4\",\"matchCriteriaId\":\"8B4FC017-1567-4D02-A594-7F46090C5828\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndExcluding\":\"14.1.4\",\"matchCriteriaId\":\"F2442894-A473-49A5-95B6-6312C3407FE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.3\",\"matchCriteriaId\":\"3EC583B6-59E2-431B-A574-0A700F5713A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.0.0\",\"versionEndExcluding\":\"16.0.1.1\",\"matchCriteriaId\":\"4AE6833C-FF7C-4249-BF98-453645EEF8D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndExcluding\":\"13.1.4\",\"matchCriteriaId\":\"7816C2AB-A2E1-467B-A865-ED4E5AE6268A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndExcluding\":\"14.1.4\",\"matchCriteriaId\":\"78F5DCAD-BE4E-4D57-82CD-ADAB32691A9E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.3\",\"matchCriteriaId\":\"06D8F5CC-FD05-42EA-A3F2-49BB4A5009F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.0.0\",\"versionEndExcluding\":\"16.0.1.1\",\"matchCriteriaId\":\"51E3E0A3-8A75-43F8-8E8A-0C07345B88FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndExcluding\":\"13.1.4\",\"matchCriteriaId\":\"75799571-1EF3-49A1-875D-0E97986BF9D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndExcluding\":\"14.1.4\",\"matchCriteriaId\":\"8B318D4F-0D42-46CD-A5A9-02337BB1D2F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.3\",\"matchCriteriaId\":\"23CFD951-1C6F-4EE5-B8AA-06F29744F082\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.0.0\",\"versionEndExcluding\":\"16.0.1.1\",\"matchCriteriaId\":\"7BB77EFF-A064-4475-A93C-5D5BA9313724\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndExcluding\":\"13.1.4\",\"matchCriteriaId\":\"44513347-AC7C-4F28-85FC-3808C8F2446D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndExcluding\":\"14.1.4\",\"matchCriteriaId\":\"AE2899E6-ABEF-4B61-AB8D-AF060D571196\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.3\",\"matchCriteriaId\":\"92C9E947-BEF9-44CF-B129-D2BC0ECD5588\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.0.0\",\"versionEndExcluding\":\"16.0.1.1\",\"matchCriteriaId\":\"40239D12-142E-4D36-A89E-0F7AB91B665A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndExcluding\":\"13.1.4\",\"matchCriteriaId\":\"70C8C72D-B266-4BAD-A3E8-A9BE508D07A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndExcluding\":\"14.1.4\",\"matchCriteriaId\":\"F7C6025C-7283-4568-929B-CFA11423E179\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.3\",\"matchCriteriaId\":\"E2E2832C-0C5D-4051-A85B-162C5BF11DEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.0.0\",\"versionEndExcluding\":\"16.0.1.1\",\"matchCriteriaId\":\"87CA1319-92D4-4C2F-B5D4-A2E86F538007\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndExcluding\":\"13.1.4\",\"matchCriteriaId\":\"8700A87A-30F8-4497-B429-2237AC1C064B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndExcluding\":\"14.1.4\",\"matchCriteriaId\":\"BBBAD42C-06D5-437F-AB92-1DCC23C1A78B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.3\",\"matchCriteriaId\":\"247A56A6-5486-49C4-88B1-4251337044AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.0.0\",\"versionEndExcluding\":\"16.0.1.1\",\"matchCriteriaId\":\"7FE9EF68-055B-40B2-A676-C4C7FAAF77B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndExcluding\":\"13.1.4\",\"matchCriteriaId\":\"BF3949EF-0D27-4868-B136-996B4D38D9B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndExcluding\":\"14.1.4\",\"matchCriteriaId\":\"3DB5F9D2-C452-4469-9626-15FA11960A9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.3\",\"matchCriteriaId\":\"9E599573-DAE5-4481-9BA0-7796D7101E67\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.0.0\",\"versionEndExcluding\":\"16.0.1.1\",\"matchCriteriaId\":\"BD28DA4B-F671-41B8-B231-24D28682FE8F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndExcluding\":\"13.1.4\",\"matchCriteriaId\":\"BF6A13AE-9A16-4A69-A793-21CF85220073\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndExcluding\":\"14.1.4\",\"matchCriteriaId\":\"57388787-F9DF-4930-ACBC-F3D1DAA53190\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.3\",\"matchCriteriaId\":\"D67E4394-E1CC-4492-95E7-DCDA13049517\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.0.0\",\"versionEndExcluding\":\"16.0.1.1\",\"matchCriteriaId\":\"47980A60-F9B6-47EE-AD74-4D6D03A71AD0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndExcluding\":\"13.1.4\",\"matchCriteriaId\":\"87294E83-8020-4904-9244-326FAF3A1E92\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndExcluding\":\"14.1.4\",\"matchCriteriaId\":\"0AF0D639-0210-47D0-8680-6E09F0111D5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.3\",\"matchCriteriaId\":\"1B6F6F41-B775-4A79-8284-C7BE0DA49DAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.0.0\",\"versionEndExcluding\":\"16.0.1.1\",\"matchCriteriaId\":\"B0901863-B55A-4C97-B9AC-B537D242D2BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndExcluding\":\"13.1.4\",\"matchCriteriaId\":\"3F241FCC-B063-46F2-B646-FB093AAFF216\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndExcluding\":\"14.1.4\",\"matchCriteriaId\":\"704DF342-2CB5-4791-BF30-294D07B53653\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.3\",\"matchCriteriaId\":\"50D58AEB-BB36-45A9-99D7-DC028F900707\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.0.0\",\"versionEndExcluding\":\"16.0.1.1\",\"matchCriteriaId\":\"85065C6E-71F2-42B8-A169-51174987B8AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndExcluding\":\"13.1.4\",\"matchCriteriaId\":\"0C0A2074-4C85-40B4-9D53-3E848E6D5DDD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.1.0\",\"versionEndExcluding\":\"14.1.4\",\"matchCriteriaId\":\"30CAABDE-CA8C-4F0A-B4D1-0633557AD5E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.1.0\",\"versionEndExcluding\":\"15.1.3\",\"matchCriteriaId\":\"2F071628-CC1B-4465-933D-7E5302DCC3A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.0.0\",\"versionEndExcluding\":\"16.0.1.1\",\"matchCriteriaId\":\"E4ADE8D9-D1EF-4591-AB3C-93D06BE701EC\"}]}]}],\"references\":[{\"url\":\"https://support.f5.com/csp/article/K04234247\",\"source\":\"f5sirt@f5.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.f5.com/csp/article/K04234247\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.