Date Published: 2021-09-27
QID 375881: F5 BIG-IP Application Security Manager (ASM), Local Traffic Manager (LTM), Access Policy Manager (APM) iControl SOAP Vulnerability (K53854428)
F5 BIG-IP ASM (Application Security Manager) is a flexible web application firewall that secures web applications in traditional, virtual, and private cloud environments.
F5 BIG-IP Local Traffic Manager (LTM) is the most popular module offered on the F5 Networks BIG-IP platform. The real power of LTM is that it is a full proxy, allowing you to augment client-side and server-side connections while making informed load-balancing decisions based on availability, performance, and persistence.
F5 BIG-IP Access Policy Manager (APM) is a secure, flexible, high-performance solution that provides unified global access to your network, cloud, and applications.
BIG-IP and BIG-IQ are vulnerable to cross-site request forgery (CSRF) attacks through iControl SOAP (CVE-2021-23026).
Vulnerable Component: BIG-IP ASM, APM, LTM
16.0.0 - 126.96.36.199
15.1.0 - 15.1.2
14.1.0 - 188.8.131.52
13.1.0 - 13.1.4
12.1.0 - 12.1.6
11.6.1 - 11.6.5
QID Detection Logic (Authenticated):
This QID checks for the vulnerable versions of F5 BIG-IP devices using the tmsh command.
An attacker may trick authenticated users into performing critical actions. This vulnerability can only be exploited through the control plane and cannot be exploited through the data plane. Exploitation can lead to complete system compromise.
- K53854428 - support.f5.com/csp/article/K53854428