QID 375808

Date Published: 2021-08-31

QID 375808: F5 BIG-IP Advanced WAF and BIG-IP ASM Privilege Escalation (K41351250)

F5 BIG-IP ASM (Application Security Manager) is a flexible web application firewall that secures web applications in traditional, virtual, and private cloud environments.

F5 BIG-IP Advanced WAF and BIG-IP ASM are affected by a vulnerability which allows an authenticated to perform a privilege escalation. (CVE-2021-23031)

Vulnerable Component: BIG-IP Advanced WAF and BIG-IP ASM

Affected Versions:
16.0.0 - 16.0.1.1
15.1.0 - 15.1.2
14.1.0 - 14.1.4.0
13.1.0 - 13.1.3
12.1.0 - 12.1.5
11.6.1 - 11.6.5.2

QID Detection Logic(Authenticated):
This QID checks for the vulnerable versions of F5 BIG-IP devices using the tmsh command.

Sucessful exploitation will allow an authenticated to perform a privilege escalation.

  • CVSS V3 rated as Critical - 9.9 severity.
  • CVSS V2 rated as Critical - 9 severity.
  • Solution
    The vendor has released patch, for more information please visit: K41351250
    Vendor References

    CVEs related to QID 375808

    Software Advisories
    Advisory ID Software Component Link
    K41351250 URL Logo support.f5.com/csp/article/K41351250