Lucene search

F5F5:K55543151

HistoryAug 24, 2021 - 12:00 a.m.

K55543151 : BIG-IP TMUI vulnerability CVE-2021-23025

2021-08-2400:00:00

my.f5.com

8.9 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.8%

JSON

Security Advisory Description

An authenticated remote command execution vulnerability exists in the BIG-IP Configuration utility. (CVE-2021-23025)

Impact

This vulnerability may allow an authenticated attacker with network access to the Configuration utility through the BIG-IP management port and/or self IP addresses to execute arbitrary system commands, create or delete files, or disable services. There is no data plane exposure; this is a control plane issue only.

This vulnerability may result in complete system compromise.

CPENameOperatorVersion
big-iq centralized managementeq6.0.1
big-iq centralized managementeq6.1.0
big-iq centralized managementeq7.0.0
big-iq centralized managementeq7.1.0
big-iq centralized managementeq8.0.0
big-iq centralized managementeq8.1.0
big-ip afmeq11.6.1
big-ip afmeq11.6.2
big-ip afmeq11.6.3
big-ip afmeq11.6.4

Name	Operator	Version
big-iq centralized management	eq	6.0.1
big-iq centralized management	eq	6.1.0
big-iq centralized management	eq	7.0.0
big-iq centralized management	eq	7.1.0
big-iq centralized management	eq	8.0.0
big-iq centralized management	eq	8.1.0
big-ip afm	eq	11.6.1
big-ip afm	eq	11.6.2
big-ip afm	eq	11.6.3
big-ip afm	eq	11.6.4

Rows per page:

1-10 of 2911