{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-21T10:15:20.844","vulnerabilities":[{"cve":{"id":"CVE-2021-23008","sourceIdentifier":"f5sirt@f5.com","published":"2021-05-10T14:15:07.483","lastModified":"2024-11-21T05:51:08.507","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"On version 15.1.x before 15.1.3, 14.1.x before 14.1.4, 13.1.x before 13.1.4, 12.1.x before 12.1.6, and all versions of 16.0.x and 11.6.x., BIG-IP APM AD (Active Directory) authentication can be bypassed via a spoofed AS-REP (Kerberos Authentication Service Response) response sent over a hijacked KDC (Kerberos Key Distribution Center) connection or from an AD server compromised by an attacker. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."},{"lang":"es","value":"En la versión 15.1.x anteriores a 15.1.3, versiones 14.1.x anteriores a 14.1.4, versiones 13.1.x anteriores a 13.1.4, versiones 12.1.x anteriores a 12.1.6 y todas las versiones de 16.0.xy 11.6.x., BIG-IP APM AD (Active Directory) una autenticación puede ser omitida por medio de una respuesta AS-REP (Kerberos Authentication Service Response) falsificada enviada por medio de una conexión KDC (Kerberos Key Distribution Center) secuestrada o desde un servidor AD comprometido por un atacante. Nota: Las versiones de Software que hayan alcanzado End of Technical Support (EoTS) no son evaluadas"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"11.5.2","versionEndExcluding":"11.6.5","matchCriteriaId":"F41A64A3-408C-4831-8226-DA4E6546FE1F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndExcluding":"12.1.5","matchCriteriaId":"9264B296-3445-4B9F-927D-7865BF3D8AF6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.1.0","versionEndExcluding":"13.1.3","matchCriteriaId":"77A8EFA2-50FD-4187-A6F2-7E05A10585E5"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndExcluding":"14.1.3","matchCriteriaId":"5B8964C4-8173-4AAE-9BDD-6E9E60E3D1B2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.0.0","versionEndExcluding":"15.1.2","matchCriteriaId":"5AC29EF0-7E85-4BB1-A183-D03FC53868ED"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0.0","versionEndExcluding":"16.0.1","matchCriteriaId":"3F3F98DD-C142-4030-AD11-A3129D5FFEA9"}]}]}],"references":[{"url":"https://support.f5.com/csp/article/K51213246","source":"f5sirt@f5.com","tags":["Vendor Advisory"]},{"url":"https://support.f5.com/csp/article/K51213246","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}