CVE-2021-22987
First published: Wed Mar 31 2021(Updated: )
On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, 12.1.x before 12.1.5.3, and 11.6.x before 11.6.5.3 when running in Appliance mode, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has an authenticated remote command execution vulnerability in undisclosed pages. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.
Credit: f5sirt@f5.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| F5 Access Policy Manager | >=11.6.1<11.6.5.3 | |
| F5 Access Policy Manager | >=12.1.0<12.1.5.3 | |
| F5 Access Policy Manager | >=13.1.0<13.1.3.6 | |
| F5 Access Policy Manager | >=14.1.0<14.1.4 | |
| F5 Access Policy Manager | >=15.1.0<15.1.2.1 | |
| F5 Access Policy Manager | >=16.0.0<16.0.1.1 | |
| F5 BIG-IP Advanced Firewall Manager | >=11.6.1<11.6.5.3 | |
| F5 BIG-IP Advanced Firewall Manager | >=12.1.0<12.1.5.3 | |
| F5 BIG-IP Advanced Firewall Manager | >=13.1.0<13.1.3.6 | |
| F5 BIG-IP Advanced Firewall Manager | >=14.1.0<14.1.4 | |
| F5 BIG-IP Advanced Firewall Manager | >=15.1.0<15.1.2.1 | |
| F5 BIG-IP Advanced Firewall Manager | >=16.0.0<16.0.1.1 | |
| F5 BIG-IP Advanced WAF/ASM | >=11.6.1<11.6.5.3 | |
| F5 BIG-IP Advanced WAF/ASM | >=12.1.0<12.1.5.3 | |
| F5 BIG-IP Advanced WAF/ASM | >=13.1.0<13.1.3.6 | |
| F5 BIG-IP Advanced WAF/ASM | >=14.1.0<14.1.4 | |
| F5 BIG-IP Advanced WAF/ASM | >=15.1.0<15.1.2.1 | |
| F5 BIG-IP Advanced WAF/ASM | >=16.0.0<16.0.1.1 | |
| F5 BIG-IP Analytics | >=11.6.1<11.6.5.3 | |
| F5 BIG-IP Analytics | >=12.1.0<12.1.5.3 | |
| F5 BIG-IP Analytics | >=13.1.0<13.1.3.6 | |
| F5 BIG-IP Analytics | >=14.1.0<14.1.4 | |
| F5 BIG-IP Analytics | >=15.1.0<15.1.2.1 | |
| F5 BIG-IP Analytics | >=16.0.0<16.0.1.1 | |
| f5 big-ip application acceleration manager | >=11.6.1<11.6.5.3 | |
| f5 big-ip application acceleration manager | >=12.1.0<12.1.5.3 | |
| f5 big-ip application acceleration manager | >=13.1.0<13.1.3.6 | |
| f5 big-ip application acceleration manager | >=14.1.0<14.1.4 | |
| f5 big-ip application acceleration manager | >=15.1.0<15.1.2.1 | |
| f5 big-ip application acceleration manager | >=16.0.0<16.0.1.1 | |
| F5 Application Security Manager | >=11.6.1<11.6.5.3 | |
| F5 Application Security Manager | >=12.1.0<12.1.5.3 | |
| F5 Application Security Manager | >=13.1.0<13.1.3.6 | |
| F5 Application Security Manager | >=14.1.0<14.1.4 | |
| F5 Application Security Manager | >=15.1.0<15.1.2.1 | |
| F5 Application Security Manager | >=16.0.0<16.0.1.1 | |
| F5 BIG-IP DDoS Hybrid Defender | >=11.6.1<11.6.5.3 | |
| F5 BIG-IP DDoS Hybrid Defender | >=12.1.0<12.1.5.3 | |
| F5 BIG-IP DDoS Hybrid Defender | >=13.1.0<13.1.3.6 | |
| F5 BIG-IP DDoS Hybrid Defender | >=14.1.0<14.1.4 | |
| F5 BIG-IP DDoS Hybrid Defender | >=15.1.0<15.1.2.1 | |
| F5 BIG-IP DDoS Hybrid Defender | >=16.0.0<16.0.1.1 | |
| f5 big-ip domain name system | >=11.6.1<11.6.5.3 | |
| f5 big-ip domain name system | >=12.1.0<12.1.5.3 | |
| f5 big-ip domain name system | >=13.1.0<13.1.3.6 | |
| f5 big-ip domain name system | >=14.1.0<14.1.4 | |
| f5 big-ip domain name system | >=15.1.0<15.1.2.1 | |
| f5 big-ip domain name system | >=16.0.0<16.0.1.1 | |
| F5 BIG-IP fraud protection services | >=11.6.1<11.6.5.3 | |
| F5 BIG-IP fraud protection services | >=12.1.0<12.1.5.3 | |
| F5 BIG-IP fraud protection services | >=13.1.0<13.1.3.6 | |
| F5 BIG-IP fraud protection services | >=14.1.0<14.1.4 | |
| F5 BIG-IP fraud protection services | >=15.1.0<15.1.2.1 | |
| F5 BIG-IP fraud protection services | >=16.0.0<16.0.1.1 | |
| F5 BIG-IP Global Traffic Manager | >=11.6.1<11.6.5.3 | |
| F5 BIG-IP Global Traffic Manager | >=12.1.0<12.1.5.3 | |
| F5 BIG-IP Global Traffic Manager | >=13.1.0<13.1.3.6 | |
| F5 BIG-IP Global Traffic Manager | >=14.1.0<14.1.4 | |
| F5 BIG-IP Global Traffic Manager | >=15.1.0<15.1.2.1 | |
| F5 BIG-IP Global Traffic Manager | >=16.0.0<16.0.1.1 | |
| F5 BIG-IP | >=11.6.1<11.6.5.3 | |
| F5 BIG-IP | >=12.1.0<12.1.5.3 | |
| F5 BIG-IP | >=13.1.0<13.1.3.6 | |
| F5 BIG-IP | >=14.1.0<14.1.4 | |
| F5 BIG-IP | >=15.1.0<15.1.2.1 | |
| F5 BIG-IP | >=16.0.0<16.0.1.1 | |
| F5 BIG-IP Local Traffic Manager | >=11.6.1<11.6.5.3 | |
| F5 BIG-IP Local Traffic Manager | >=12.1.0<12.1.5.3 | |
| F5 BIG-IP Local Traffic Manager | >=13.1.0<13.1.3.6 | |
| F5 BIG-IP Local Traffic Manager | >=14.1.0<14.1.4 | |
| F5 BIG-IP Local Traffic Manager | >=15.1.0<15.1.2.1 | |
| F5 BIG-IP Local Traffic Manager | >=16.0.0<16.0.1.1 | |
| F5 BIG-IP Policy Enforcement Manager | >=11.6.1<11.6.5.3 | |
| F5 BIG-IP Policy Enforcement Manager | >=12.1.0<12.1.5.3 | |
| F5 BIG-IP Policy Enforcement Manager | >=13.1.0<13.1.3.6 | |
| F5 BIG-IP Policy Enforcement Manager | >=14.1.0<14.1.4 | |
| F5 BIG-IP Policy Enforcement Manager | >=15.1.0<15.1.2.1 | |
| F5 BIG-IP Policy Enforcement Manager | >=16.0.0<16.0.1.1 | |
| F5 BIG-IP SSL Orchestrator | >=11.6.1<11.6.5.3 | |
| F5 BIG-IP SSL Orchestrator | >=12.1.0<12.1.5.3 | |
| F5 BIG-IP SSL Orchestrator | >=13.1.0<13.1.3.6 | |
| F5 BIG-IP SSL Orchestrator | >=14.1.0<14.1.4 | |
| F5 BIG-IP SSL Orchestrator | >=15.1.0<15.1.2.1 | |
| F5 BIG-IP SSL Orchestrator | >=16.0.0<16.0.1.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2021-22987?
CVE-2021-22987 is rated as a high-severity vulnerability due to potential unauthorized access to sensitive configurations.
How do I fix CVE-2021-22987?
To resolve CVE-2021-22987, upgrade F5 BIG-IP to versions 16.0.1.1 or later, 15.1.2.1 or later, 14.1.4 or later, 13.1.3.6 or later, or 12.1.5.3 or later.
What systems are affected by CVE-2021-22987?
CVE-2021-22987 affects F5 BIG-IP versions prior to 16.0.1.1, 15.1.2.1, 14.1.4, 13.1.3.6, 12.1.5.3, and 11.6.5.3 running in Appliance mode.
Is there a workaround for CVE-2021-22987?
There are no known workarounds for CVE-2021-22987; the only effective mitigation is to upgrade to a fixed version.
What could happen if CVE-2021-22987 is exploited?
Exploitation of CVE-2021-22987 could allow an attacker to gain unauthorized access to the Traffic Management User Interface (TMUI) and potentially compromise the system.
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- agent/severity
- agent/author
- agent/references
- agent/description
- agent/event
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/f5
- canonical/f5 access policy manager
- version/f5 access policy manager/11.6.1
- version/f5 access policy manager/12.1.0
- version/f5 access policy manager/13.1.0
- version/f5 access policy manager/14.1.0
- version/f5 access policy manager/15.1.0
- version/f5 access policy manager/16.0.0
- canonical/f5 big-ip advanced firewall manager
- version/f5 big-ip advanced firewall manager/11.6.1
- version/f5 big-ip advanced firewall manager/12.1.0
- version/f5 big-ip advanced firewall manager/13.1.0
- version/f5 big-ip advanced firewall manager/14.1.0
- version/f5 big-ip advanced firewall manager/15.1.0
- version/f5 big-ip advanced firewall manager/16.0.0
- canonical/f5 big-ip advanced waf/asm
- version/f5 big-ip advanced waf/asm/11.6.1
- version/f5 big-ip advanced waf/asm/12.1.0
- version/f5 big-ip advanced waf/asm/13.1.0
- version/f5 big-ip advanced waf/asm/14.1.0
- version/f5 big-ip advanced waf/asm/15.1.0
- version/f5 big-ip advanced waf/asm/16.0.0
- canonical/f5 big-ip analytics
- version/f5 big-ip analytics/11.6.1
- version/f5 big-ip analytics/12.1.0
- version/f5 big-ip analytics/13.1.0
- version/f5 big-ip analytics/14.1.0
- version/f5 big-ip analytics/15.1.0
- version/f5 big-ip analytics/16.0.0
- canonical/f5 big-ip application acceleration manager
- version/f5 big-ip application acceleration manager/11.6.1
- version/f5 big-ip application acceleration manager/12.1.0
- version/f5 big-ip application acceleration manager/13.1.0
- version/f5 big-ip application acceleration manager/14.1.0
- version/f5 big-ip application acceleration manager/15.1.0
- version/f5 big-ip application acceleration manager/16.0.0
- canonical/f5 application security manager
- version/f5 application security manager/11.6.1
- version/f5 application security manager/12.1.0
- version/f5 application security manager/13.1.0
- version/f5 application security manager/14.1.0
- version/f5 application security manager/15.1.0
- version/f5 application security manager/16.0.0
- canonical/f5 big-ip ddos hybrid defender
- version/f5 big-ip ddos hybrid defender/11.6.1
- version/f5 big-ip ddos hybrid defender/12.1.0
- version/f5 big-ip ddos hybrid defender/13.1.0
- version/f5 big-ip ddos hybrid defender/14.1.0
- version/f5 big-ip ddos hybrid defender/15.1.0
- version/f5 big-ip ddos hybrid defender/16.0.0
- canonical/f5 big-ip domain name system
- version/f5 big-ip domain name system/11.6.1
- version/f5 big-ip domain name system/12.1.0
- version/f5 big-ip domain name system/13.1.0
- version/f5 big-ip domain name system/14.1.0
- version/f5 big-ip domain name system/15.1.0
- version/f5 big-ip domain name system/16.0.0
- canonical/f5 big-ip fraud protection services
- version/f5 big-ip fraud protection services/11.6.1
- version/f5 big-ip fraud protection services/12.1.0
- version/f5 big-ip fraud protection services/13.1.0
- version/f5 big-ip fraud protection services/14.1.0
- version/f5 big-ip fraud protection services/15.1.0
- version/f5 big-ip fraud protection services/16.0.0
- canonical/f5 big-ip global traffic manager
- version/f5 big-ip global traffic manager/11.6.1
- version/f5 big-ip global traffic manager/12.1.0
- version/f5 big-ip global traffic manager/13.1.0
- version/f5 big-ip global traffic manager/14.1.0
- version/f5 big-ip global traffic manager/15.1.0
- version/f5 big-ip global traffic manager/16.0.0
- canonical/f5 big-ip
- version/f5 big-ip/11.6.1
- version/f5 big-ip/12.1.0
- version/f5 big-ip/13.1.0
- version/f5 big-ip/14.1.0
- version/f5 big-ip/15.1.0
- version/f5 big-ip/16.0.0
- canonical/f5 big-ip local traffic manager
- version/f5 big-ip local traffic manager/11.6.1
- version/f5 big-ip local traffic manager/12.1.0
- version/f5 big-ip local traffic manager/13.1.0
- version/f5 big-ip local traffic manager/14.1.0
- version/f5 big-ip local traffic manager/15.1.0
- version/f5 big-ip local traffic manager/16.0.0
- canonical/f5 big-ip policy enforcement manager
- version/f5 big-ip policy enforcement manager/11.6.1
- version/f5 big-ip policy enforcement manager/12.1.0
- version/f5 big-ip policy enforcement manager/13.1.0
- version/f5 big-ip policy enforcement manager/14.1.0
- version/f5 big-ip policy enforcement manager/15.1.0
- version/f5 big-ip policy enforcement manager/16.0.0
- canonical/f5 big-ip ssl orchestrator
- version/f5 big-ip ssl orchestrator/11.6.1
- version/f5 big-ip ssl orchestrator/12.1.0
- version/f5 big-ip ssl orchestrator/13.1.0
- version/f5 big-ip ssl orchestrator/14.1.0
- version/f5 big-ip ssl orchestrator/15.1.0
- version/f5 big-ip ssl orchestrator/16.0.0