{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-13T20:36:03.524","vulnerabilities":[{"cve":{"id":"CVE-2021-23038","sourceIdentifier":"f5sirt@f5.com","published":"2021-09-14T18:15:08.370","lastModified":"2024-11-21T05:51:11.973","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"On version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.2, 13.1.x before 13.1.4.1, and all versions of 12.1.x, a stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."},{"lang":"es","value":"En versiones 16.0.x anteriores a 16.0.1.2, versiones 15.1.x anteriores a 15.1.3.1, versiones 14.1.x anteriores a 14.1.4.2, versiones 13.1.x anteriores a 13.1.4.1 y todas las versiones de 12.1.x, se presenta una vulnerabilidad de tipo cross-site scripting (XSS) almacenado en una pĆ”gina no divulgada de la utilidad de ConfiguraciĆ³n de BIG-IP que permite a un atacante ejecutar JavaScript en el contexto del usuario actualmente conectado. Nota: Las versiones de software que han alcanzado End of Technical Support (EoTS) no son evaluadas"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H","baseScore":9.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.3,"impactScore":6.0}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"f5sirt@f5.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndIncluding":"12.1.6","matchCriteriaId":"DE2F2CB2-BE96-4DC8-B336-1E9A318B4604"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.1.0","versionEndExcluding":"13.1.4.1","matchCriteriaId":"DA295913-8529-4713-916B-01B6541FF70A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndExcluding":"14.1.4.2","matchCriteriaId":"BA09EDB2-A0E5-4344-A579-54F0F4FF2C11"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.3.1","matchCriteriaId":"6E57675D-7F7C-45D3-B1E2-DFE28A077F1E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0.0","versionEndExcluding":"16.0.1.2","matchCriteriaId":"C7D3DE51-EAA0-427D-8991-F2D9449F6F99"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndIncluding":"12.1.6","matchCriteriaId":"6E32CBE0-BFDC-4DCB-A365-2F3C4D680446"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.1.0","versionEndExcluding":"13.1.4.1","matchCriteriaId":"5883B48D-1E30-4DC5-BDF2-66B42E80853B"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndExcluding":"14.1.4.2","matchCriteriaId":"7945B455-EB5E-42FF-B7AF-5D33E933BF02"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.3.1","matchCriteriaId":"A96587ED-6A2A-47AE-AAF3-D1133B768EE2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0.0","versionEndExcluding":"16.0.1.2","matchCriteriaId":"E0B33987-329F-4C8E-948C-C797199E3D80"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndIncluding":"12.1.6","matchCriteriaId":"18666B67-A6EA-402B-926E-96348AB82831"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"13.1.0","versionEndExcluding":"13.1.4.1","matchCriteriaId":"33C4EDBB-FC81-4B55-BF29-B953DFA50E31"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndExcluding":"14.1.4.2","matchCriteriaId":"BE46F8F1-4100-4DA0-A3C2-68436382542C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.3.1","matchCriteriaId":"09813708-4D04-4EB0-B341-400ABA36D8E6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0.0","versionEndExcluding":"16.0.1.2","matchCriteriaId":"0EBE11A9-0ACA-44E3-A15D-BDD8B7CEC107"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndIncluding":"12.1.6","matchCriteriaId":"8AF5B8C5-98F2-45B5-A877-C3666E3D6876"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.1.0","versionEndExcluding":"13.1.4.1","matchCriteriaId":"CAD1F31E-7CB0-4AE2-8DA1-B73FB754011A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndExcluding":"14.1.4.2","matchCriteriaId":"136C9B32-0060-4415-A638-640FB94B897A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.3.1","matchCriteriaId":"81F90899-0216-4ABF-B17E-F46B47D17CA1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0.0","versionEndExcluding":"16.0.1.2","matchCriteriaId":"53C5B43F-C4E5-481B-B909-55473427F62D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndIncluding":"12.1.6","matchCriteriaId":"1849279E-9FB1-4D6A-8386-337F7DF151DF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.1.0","versionEndExcluding":"13.1.4.1","matchCriteriaId":"045F8216-F882-40DF-8AF4-BFB9E34A13F7"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndExcluding":"14.1.4.2","matchCriteriaId":"32211FA0-202E-43A2-9E29-C4AF935DFF08"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.3.1","matchCriteriaId":"E4B53FEB-1754-49D4-953D-146D92CAC3BF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0.0","versionEndExcluding":"16.0.1.2","matchCriteriaId":"CE26ED82-4D38-4165-990D-4967AE130059"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndIncluding":"12.1.6","matchCriteriaId":"F489E5B1-1EC4-4E45-8EE6-6A4FCD0F386F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"13.1.0","versionEndExcluding":"13.1.4.1","matchCriteriaId":"0D499D12-A537-46CD-B2A1-8E0F23DF4208"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndExcluding":"14.1.4.2","matchCriteriaId":"C2090B42-A1A5-46E8-91A1-5FCF19C90FEA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.3.1","matchCriteriaId":"F9520702-C1E2-42A2-914A-C1A248D36C96"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0.0","versionEndExcluding":"16.0.1.2","matchCriteriaId":"81FB0566-9B8D-489D-B27A-44478903E284"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndIncluding":"12.1.6","matchCriteriaId":"01C01794-36BD-4783-B962-07000FCE4788"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"13.1.0","versionEndExcluding":"13.1.4.1","matchCriteriaId":"88AEB21A-49C9-45EF-B2CD-E8E534BAC392"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndExcluding":"14.1.4.2","matchCriteriaId":"A6258CDF-36F8-489C-A611-2B26E1254A26"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.3.1","matchCriteriaId":"4A19121E-EBEC-4B05-B4CB-A93C6C66604E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0.0","versionEndExcluding":"16.0.1.2","matchCriteriaId":"64E83F71-D91E-425A-B8F1-5E1790F2B30E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndIncluding":"12.1.6","matchCriteriaId":"5ED5A4F4-9FFF-43D0-B17D-838D6CEDDF04"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.1.0","versionEndExcluding":"13.1.4.1","matchCriteriaId":"A30F432C-CE5E-4A43-8817-85FA69EAF5D9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndExcluding":"14.1.4.2","matchCriteriaId":"73D077C2-F7C7-4835-A923-06CEA89A2C1F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.3.1","matchCriteriaId":"52D6CC00-21A5-4AC5-A462-E4AB4E2BD11A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0.0","versionEndExcluding":"16.0.1.2","matchCriteriaId":"00210DD6-894D-4E43-A7B6-D3B6D508E037"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndIncluding":"12.1.6","matchCriteriaId":"16234A51-9C86-484A-B8D5-6EFB838CB564"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"13.1.0","versionEndExcluding":"13.1.4.1","matchCriteriaId":"983FE6EB-7D27-4FE6-BC13-3289BD535CB8"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndExcluding":"14.1.4.2","matchCriteriaId":"B0032092-8128-41A7-AFAF-B48D8A31F67E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.3.1","matchCriteriaId":"86447162-A295-4153-96DE-922DFE98B9DD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0.0","versionEndExcluding":"16.0.1.2","matchCriteriaId":"8CCAFD36-1E86-4DC2-914E-EE32B8ED387D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndIncluding":"12.1.6","matchCriteriaId":"61189D3B-8BF1-47A7-B5AC-A75E44D6BD5F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.1.0","versionEndExcluding":"13.1.4.1","matchCriteriaId":"724B7474-00B5-4FB7-AD85-5EC4A1317099"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndExcluding":"14.1.4.2","matchCriteriaId":"427E11BE-3424-4D12-B83B-000F6B15CADF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.3.1","matchCriteriaId":"C3BC4F3B-D2F3-48D3-BC24-908535564289"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0.0","versionEndExcluding":"16.0.1.2","matchCriteriaId":"4F27D8D5-71EA-4FB0-A9A7-410BF1DEF68C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndIncluding":"12.1.6","matchCriteriaId":"9FBA5CDC-1989-4971-BD1B-F14E801F5017"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"13.1.0","versionEndExcluding":"13.1.4","matchCriteriaId":"3F241FCC-B063-46F2-B646-FB093AAFF216"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"14.1.0","versionEndExcluding":"14.1.4","matchCriteriaId":"704DF342-2CB5-4791-BF30-294D07B53653"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.3","matchCriteriaId":"50D58AEB-BB36-45A9-99D7-DC028F900707"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0.0","versionEndExcluding":"16.1.0","matchCriteriaId":"D5E7D266-635F-43C6-81B5-160C2E6A7686"}]}]}],"references":[{"url":"https://support.f5.com/csp/article/K61643620","source":"f5sirt@f5.com","tags":["Mitigation","Vendor Advisory"]},{"url":"https://support.f5.com/csp/article/K61643620","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mitigation","Vendor Advisory"]}]}}]}