A SQL injection vulnerability exists in an undisclosed page of the BIG-IP Configuration utility. This issue is exposed only when BIG-IP AFM is provisioned. (CVE-2021-23040)
Impact
An authenticated attacker can exploit this vulnerability to execute malicious SQL statements through the BIG-IP Configuration utility.