Insufficient permission checks may allow authenticated users with guest privileges to perform Server-Side Request Forgery (SSRF) attacks through F5 Advanced Web Application Firewall (WAF) and the BIG-IP ASM Configuration utility. (CVE-2021-23029)
Impact
An attacker with network access to the management interface and authenticated with guest privileges may be able to perform an SSRF attack.