Lucene search
F5CVELIST:CVE-2021-22974HistoryFeb 12, 2021 - 4:23 p.m.
CVE-2021-22974
2021-02-1216:23:27
f5
www.cve.org
1
0.001 Low
EPSS
Percentile
42.1%
On BIG-IP version 16.0.x before 16.0.1.1, 15.1.x before 15.1.2, 14.1.x before 14.1.3.1, and 13.1.x before 13.1.3.6 and all versions of BIG-IQ 7.x and 6.x, an authenticated attacker with access to iControl REST over the control plane may be able to take advantage of a race condition to execute commands with an elevated privilege level. This vulnerability is due to an incomplete fix for CVE-2017-6167. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.
CNA Affected
[
{
"product": "BIG-IP, BIG-IQ",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "BIG-IP version 16.0.x before 16.0.1.1, 15.1.x before 15.1.2, 14.1.x before 14.1.3.1, and 13.1.x before 13.1.3.6 and all versions of BIG-IQ 7.x and 6.x"
}
]
}
]References
Related
nvd
nvd
CVE-2021-22974
2021-02-12 17:15:14
CVE-2017-6167
2017-12-21 17:29:00
cve
cve
CVE-2021-22974
2021-02-12 17:15:14
CVE-2017-6167
2017-12-21 17:29:00
nessus
nessus
F5 Networks BIG-IP : iControl REST vulnerability (K68652018)
2021-02-11 00:00:00
F5 Networks BIG-IP : iControl REST vulnerability (K24465120)
2018-11-02 00:00:00
prion
prion
Race condition
2021-02-12 17:15:00
Race condition
2017-12-21 17:29:00
f5
f5
K68652018 : iControl REST vulnerability CVE-2021-22974
2021-02-10 00:00:00
K24465120 : iControl REST vulnerability CVE-2017-6167
2017-12-20 00:00:00
cvelist
cvelist
CVE-2017-6167
2017-12-20 00:00:00