QID 375895

Date Published: 2021-09-30

QID 375895: F5 BIG-IP Application Security Manager (ASM) TMUI Vulnerability (K52420610)

F5 BIG-IP ASM (Application Security Manager) is a flexible web application firewall that secures web applications in traditional, virtual, and private cloud environments.

Insufficient permission checks may allow authenticated users with guest privileges to perform Server-Side Request Forgery (SSRF) attacks through F5 Advanced Web Application Firewall (WAF) and the BIG-IP ASM Configuration utility. (CVE-2021-23029)

Vulnerable Component: BIG-IP ASM

Affected Versions:
16.0.0 - 16.0.1

QID Detection Logic (Authenticated):
This QID identifies vulnerable F5 BIG-IP versions by reading the installed TMOS version from the device with the tmsh command (authenticated scan).
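The following is an added example that re-implements the version check offline; it is not Qualys' detection code and does not come from F5. The tmsh commands it names (`tmsh show sys version`, `tmsh list sys provision asm`) are real, but the command outputs embedded below are constructed for the example and may differ in detail from a live device. Two choices are assumptions rather than statements from the page: point releases inside the 16.0.x line (such as 16.0.1.x) are treated as inside the affected range, and a device is only reported vulnerable when the ASM module is provisioned, because the page names BIG-IP ASM as the vulnerable component (whether the QID itself checks provisioning is not stated).

```python
"""
Added example: reproduce a BIG-IP version check for the advisory's affected
range from the text output of two tmsh commands. Not Qualys or F5 code.
The sample outputs below are CONSTRUCTED for this example.
"""
import re
from typing import Optional, Tuple

# Affected range from the advisory: 16.0.0 - 16.0.1 (inclusive).
# Assumption: point releases such as 16.0.1.x are treated as in range;
# the F5 K article is authoritative for any point release that carries the fix.
AFFECTED_MIN = (16, 0, 0)
AFFECTED_MAX = (16, 0, 1)

# Constructed sample of `tmsh show sys version` on a 16.0.1 device.
SAMPLE_VERSION_VULNERABLE = """\
Sys::Version
Main Package
  Product     BIG-IP
  Version     16.0.1
  Build       0.0.3
  Edition     Final
  Date        Tue Dec 15 15:08:49 PST 2020
"""

# Constructed sample of the same command on a release outside the listed range.
SAMPLE_VERSION_FIXED = """\
Sys::Version
Main Package
  Product     BIG-IP
  Version     15.1.4
  Build       0.0.17
  Edition     Final
  Date        Tue Aug 31 15:08:49 PDT 2021
"""

# Constructed sample of `tmsh list sys provision asm` with ASM provisioned
# (Advanced WAF provisions the same `asm` module).
SAMPLE_PROVISION_ASM = """\
sys provision asm {
    level nominal
}
"""

# Constructed sample with the module not provisioned. Assumption: tmsh omits
# the `level` line for an unprovisioned module; a literal `level none` is
# also handled below.
SAMPLE_PROVISION_NONE = """\
sys provision asm { }
"""


def parse_tmos_version(show_sys_version: str) -> Optional[Tuple[int, ...]]:
    """Extract the TMOS version from `tmsh show sys version` as an int tuple."""
    # Anchored at line start so `Sys::Version` is not mistaken for the field.
    m = re.search(r"^\s*Version\s+(\d+(?:\.\d+)+)", show_sys_version, re.M)
    if not m:
        return None
    return tuple(int(part) for part in m.group(1).split("."))


def asm_provisioned(list_sys_provision_asm: str) -> bool:
    """True if `tmsh list sys provision asm` shows a level other than none."""
    m = re.search(r"\blevel\s+(\w+)", list_sys_provision_asm)
    return bool(m) and m.group(1).lower() != "none"


def in_affected_range(version: Tuple[int, ...]) -> bool:
    """Compare major.minor.maintenance against the advisory's inclusive range."""
    head = tuple(version[:3])
    head = head + (0,) * (3 - len(head))  # pad short versions like 16.0
    return AFFECTED_MIN <= head <= AFFECTED_MAX


def assess(show_sys_version: str, list_sys_provision_asm: str) -> str:
    """Return 'vulnerable', 'not vulnerable', or 'unknown' for one device."""
    version = parse_tmos_version(show_sys_version)
    if version is None:
        return "unknown"          # unreadable version: never assume safe
    if not in_affected_range(version):
        return "not vulnerable"
    if not asm_provisioned(list_sys_provision_asm):
        return "not vulnerable"   # flaw is in the ASM / Advanced WAF component
    return "vulnerable"


if __name__ == "__main__":
    print(assess(SAMPLE_VERSION_VULNERABLE, SAMPLE_PROVISION_ASM))   # vulnerable
    print(assess(SAMPLE_VERSION_VULNERABLE, SAMPLE_PROVISION_NONE))  # not vulnerable
    print(assess(SAMPLE_VERSION_FIXED, SAMPLE_PROVISION_ASM))        # not vulnerable
```

In practice the two outputs would be captured over SSH from the device's management address and fed to `assess()`; an "unknown" result (version not parsed) should be triaged by hand rather than treated as clean.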

An attacker with network access to the management interface who is authenticated with guest privileges may be able to perform an SSRF attack.

  • CVSS v3 base score 8.8 (High).
  • CVSS v2 base score 6.5 (Medium).
  • Solution
    The vendor has released a fix; for details, see F5 article K52420610.

    Vendor References

    CVEs related to QID 375895
    CVE-2021-23029

    Software Advisories
    Advisory ID   Software Component   Link
    K52420610     BIG-IP ASM           support.f5.com/csp/article/K52420610