{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-26T13:16:27.540","vulnerabilities":[{"cve":{"id":"CVE-2021-22993","sourceIdentifier":"f5sirt@f5.com","published":"2021-03-31T18:15:14.847","lastModified":"2026-06-17T03:38:10.367","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"On BIG-IP Advanced WAF and BIG-IP ASM versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2, 14.1.x before 14.1.3.1, 13.1.x before 13.1.3.6, and 12.1.x before 12.1.5.3, DOM-based XSS on DoS Profile properties page. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated."},{"lang":"es","value":"En BIG-IP Advanced WAF y BIG-IP ASM versiones 16.0.x anteriores de 16.0.1.1, versiones 15.1.x anteriores a 15.1.2, versiones 14.1.x anteriores a 14.1.3.1, versiones 13.1.x anteriores a 13.1.3.6 y versiones 12.1.x anteriores a 12.1 .5.3, un XSS basado en DOM en la página de propiedades de DoS Profile. Nota: No se evalúan las versiones de software que han alcanzado End of Software Development (EoSD)."}],"affected":[{"source":"f5sirt@f5.com","affectedData":[{"vendor":"n/a","product":"BIG-IP Advanced WAF and BIG-IP ASM","versions":[{"version":"16.0.x before 16.0.1.1, 15.1.x before 15.1.2, 14.1.x before 14.1.3.1, 13.1.x before 13.1.3.6, 12.1.x before 12.1.5.3","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndExcluding":"12.1.5.3","matchCriteriaId":"12A27D41-6DEC-4887-A9A0-FE5AAD01FA98"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"13.1.0","versionEndExcluding":"13.1.3.6","matchCriteriaId":"39DDA652-065C-4AF9-A014-E0DAFF60B61B"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndExcluding":"14.1.3.1","matchCriteriaId":"BF641654-BDC0-4483-B6BA-D5566427E5C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.2","matchCriteriaId":"6E0224A2-82E3-459A-8BEC-A2FC7B526230"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0.0","versionEndExcluding":"16.0.1.1","matchCriteriaId":"6B9117DA-6AA9-4704-A092-B1D426E6370D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndExcluding":"12.1.5.3","matchCriteriaId":"A921F4E5-6BA7-4978-B47E-D1B173FF493F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.1.0","versionEndExcluding":"13.1.3.6","matchCriteriaId":"2BF4F8C6-1C43-4A54-9FD6-011253744FC8"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndExcluding":"14.1.3.1","matchCriteriaId":"A0B1C52A-361A-46BD-9531-96C69F011EBC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.2","matchCriteriaId":"24B9D974-3C1E-4467-A844-F9FDCD39A7FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0.0","versionEndExcluding":"16.0.1.1","matchCriteriaId":"7BB77EFF-A064-4475-A93C-5D5BA9313724"}]}]}],"references":[{"url":"https://support.f5.com/csp/article/K55237223","source":"f5sirt@f5.com","tags":["Vendor Advisory"]},{"url":"https://support.f5.com/csp/article/K55237223","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}