{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T14:35:02.058","vulnerabilities":[{"cve":{"id":"CVE-2021-23012","sourceIdentifier":"f5sirt@f5.com","published":"2021-05-10T15:15:07.427","lastModified":"2024-11-21T05:51:08.933","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.3, 14.1.x before 14.1.4, and 13.1.x before 13.1.4, lack of input validation for items used in the system support functionality may allow users granted either \"Resource Administrator\" or \"Administrator\" roles to execute arbitrary bash commands on BIG-IP. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."},{"lang":"es","value":"En BIG-IP las versiones 16.0.x anteriores a 16.0.1.1, versiones 15.1.x anteriores a 15.1.3, 14.1.x anteriores a 14.1.4 y versiones 13.1.x anteriores a 13.1.4, falta de validación de entrada para los elementos utilizados en la funcionalidad de soporte del sistema puede permitir que los usuarios a los que se les otorguen roles de \"Resource Administrator\" o \"Administrator\" ejecutar comandos bash arbitrarios en BIG-IP.&#xa0;Nota: No se evalúan las versiones de software que hayan alcanzado el End of Technical Support (EoTS)"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.5,"impactScore":6.0}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.1.0","versionEndExcluding":"13.1.4","matchCriteriaId":"0F975B09-678D-49A3-9BCE-C4F3BF45B0BB"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndExcluding":"14.1.4","matchCriteriaId":"FB553A20-D521-4A32-AD49-8FFD5A95E684"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.3","matchCriteriaId":"5F04F2FB-12C2-4BC4-AFBB-9DA82E53D7EF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0.0","versionEndExcluding":"16.0.1.1","matchCriteriaId":"A7706F70-BF89-480E-9AA6-3FE447375138"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.1.0","versionEndExcluding":"13.1.4","matchCriteriaId":"5A3D475E-7F63-4635-A5E4-83141D483E42"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndExcluding":"14.1.4","matchCriteriaId":"DD3FC6D2-5816-47C0-81AE-DED62570F090"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.3","matchCriteriaId":"FA17368C-7B1F-4B73-8296-3FC2656C0F04"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0.0","versionEndExcluding":"16.0.1.1","matchCriteriaId":"0A84A8D4-9047-46D2-9C26-03C977D47AE4"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"13.1.0","versionEndExcluding":"13.1.4","matchCriteriaId":"5360871B-4642-4FD5-A63E-5B70B7FD7F5F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndIncluding":"14.1.4","matchCriteriaId":"D2A1BB14-BEB5-43DD-878D-83E51FBFD4E0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.3","matchCriteriaId":"55E9A0EB-8118-400B-B901-80A8AAFC212F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0.0","versionEndExcluding":"16.0.1.1","matchCriteriaId":"6B9117DA-6AA9-4704-A092-B1D426E6370D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"13.1.0","versionEndExcluding":"13.1.4","matchCriteriaId":"8B4FC017-1567-4D02-A594-7F46090C5828"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndExcluding":"14.1.4","matchCriteriaId":"F2442894-A473-49A5-95B6-6312C3407FE6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.3","matchCriteriaId":"3EC583B6-59E2-431B-A574-0A700F5713A6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0.0","versionEndExcluding":"16.0.1.1","matchCriteriaId":"4AE6833C-FF7C-4249-BF98-453645EEF8D9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.1.0","versionEndExcluding":"13.1.4","matchCriteriaId":"7816C2AB-A2E1-467B-A865-ED4E5AE6268A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndExcluding":"14.1.4","matchCriteriaId":"78F5DCAD-BE4E-4D57-82CD-ADAB32691A9E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.3","matchCriteriaId":"06D8F5CC-FD05-42EA-A3F2-49BB4A5009F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0.0","versionEndExcluding":"16.0.1.1","matchCriteriaId":"51E3E0A3-8A75-43F8-8E8A-0C07345B88FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.1.0","versionEndExcluding":"13.1.4","matchCriteriaId":"75799571-1EF3-49A1-875D-0E97986BF9D3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndExcluding":"14.1.4","matchCriteriaId":"8B318D4F-0D42-46CD-A5A9-02337BB1D2F2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.3","matchCriteriaId":"23CFD951-1C6F-4EE5-B8AA-06F29744F082"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0.0","versionEndExcluding":"16.0.1.1","matchCriteriaId":"7BB77EFF-A064-4475-A93C-5D5BA9313724"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"13.1.0","versionEndExcluding":"13.1.4","matchCriteriaId":"44513347-AC7C-4F28-85FC-3808C8F2446D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndExcluding":"14.1.4","matchCriteriaId":"AE2899E6-ABEF-4B61-AB8D-AF060D571196"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.3","matchCriteriaId":"92C9E947-BEF9-44CF-B129-D2BC0ECD5588"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0.0","versionEndExcluding":"16.0.1.1","matchCriteriaId":"40239D12-142E-4D36-A89E-0F7AB91B665A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"13.1.0","versionEndExcluding":"13.1.4","matchCriteriaId":"70C8C72D-B266-4BAD-A3E8-A9BE508D07A1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndExcluding":"14.1.4","matchCriteriaId":"F7C6025C-7283-4568-929B-CFA11423E179"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.3","matchCriteriaId":"E2E2832C-0C5D-4051-A85B-162C5BF11DEE"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0.0","versionEndExcluding":"16.0.1.1","matchCriteriaId":"87CA1319-92D4-4C2F-B5D4-A2E86F538007"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"13.1.0","versionEndExcluding":"13.1.4","matchCriteriaId":"8700A87A-30F8-4497-B429-2237AC1C064B"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndExcluding":"14.1.4","matchCriteriaId":"BBBAD42C-06D5-437F-AB92-1DCC23C1A78B"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.3","matchCriteriaId":"247A56A6-5486-49C4-88B1-4251337044AB"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0.0","versionEndExcluding":"16.0.1.1","matchCriteriaId":"7FE9EF68-055B-40B2-A676-C4C7FAAF77B3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.1.0","versionEndExcluding":"13.1.4","matchCriteriaId":"BF3949EF-0D27-4868-B136-996B4D38D9B1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndExcluding":"14.1.4","matchCriteriaId":"3DB5F9D2-C452-4469-9626-15FA11960A9C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.3","matchCriteriaId":"9E599573-DAE5-4481-9BA0-7796D7101E67"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0.0","versionEndExcluding":"16.0.1.1","matchCriteriaId":"BD28DA4B-F671-41B8-B231-24D28682FE8F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"13.1.0","versionEndExcluding":"13.1.4","matchCriteriaId":"BF6A13AE-9A16-4A69-A793-21CF85220073"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndExcluding":"14.1.4","matchCriteriaId":"57388787-F9DF-4930-ACBC-F3D1DAA53190"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.3","matchCriteriaId":"D67E4394-E1CC-4492-95E7-DCDA13049517"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0.0","versionEndExcluding":"16.0.1.1","matchCriteriaId":"47980A60-F9B6-47EE-AD74-4D6D03A71AD0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.1.0","versionEndExcluding":"13.1.4","matchCriteriaId":"87294E83-8020-4904-9244-326FAF3A1E92"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndExcluding":"14.1.4","matchCriteriaId":"0AF0D639-0210-47D0-8680-6E09F0111D5D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.3","matchCriteriaId":"1B6F6F41-B775-4A79-8284-C7BE0DA49DAA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0.0","versionEndExcluding":"16.0.1.1","matchCriteriaId":"B0901863-B55A-4C97-B9AC-B537D242D2BF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.1.0","versionEndExcluding":"13.1.4","matchCriteriaId":"3F241FCC-B063-46F2-B646-FB093AAFF216"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndExcluding":"14.1.4","matchCriteriaId":"704DF342-2CB5-4791-BF30-294D07B53653"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.3","matchCriteriaId":"50D58AEB-BB36-45A9-99D7-DC028F900707"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0.0","versionEndExcluding":"16.0.1.1","matchCriteriaId":"85065C6E-71F2-42B8-A169-51174987B8AF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"13.1.0","versionEndExcluding":"13.1.4","matchCriteriaId":"0C0A2074-4C85-40B4-9D53-3E848E6D5DDD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndExcluding":"14.1.4","matchCriteriaId":"30CAABDE-CA8C-4F0A-B4D1-0633557AD5E1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.3","matchCriteriaId":"2F071628-CC1B-4465-933D-7E5302DCC3A2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0.0","versionEndExcluding":"16.0.1.1","matchCriteriaId":"E4ADE8D9-D1EF-4591-AB3C-93D06BE701EC"}]}]}],"references":[{"url":"https://support.f5.com/csp/article/K04234247","source":"f5sirt@f5.com","tags":["Vendor Advisory"]},{"url":"https://support.f5.com/csp/article/K04234247","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}