mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-29 01:31:20 +00:00
393 lines
16 KiB
JSON
393 lines
16 KiB
JSON
{
|
|
"id": "CVE-2021-22975",
|
|
"sourceIdentifier": "f5sirt@f5.com",
|
|
"published": "2021-02-12T17:15:14.480",
|
|
"lastModified": "2021-02-19T16:58:31.773",
|
|
"vulnStatus": "Analyzed",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "On BIG-IP version 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, and 14.1.x before 14.1.3.1, under some circumstances, Traffic Management Microkernel (TMM) may restart on the BIG-IP system while passing large bursts of traffic. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "En BIG-IP versiones 16.0.x anteriores a 16.0.1.1, versiones 15.1.x anteriores a 15.1.2.1 y versiones 14.1.x anteriores a 14.1.3.1, en algunas circunstancias, Traffic Management Microkernel (TMM) puede reiniciarse en el sistema BIG-IP mientras pasa grandes r\u00e1fagas de tr\u00e1fico. Nota: No son evaluadas las versiones de software que han alcanzado End of Software Development (EoSD)"
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV31": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "HIGH",
|
|
"baseScore": 7.5,
|
|
"baseSeverity": "HIGH"
|
|
},
|
|
"exploitabilityScore": 3.9,
|
|
"impactScore": 3.6
|
|
}
|
|
],
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "MEDIUM",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "PARTIAL",
|
|
"baseScore": 4.3
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 8.6,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "NVD-CWE-noinfo"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "14.1.0",
|
|
"versionEndExcluding": "14.1.3.1",
|
|
"matchCriteriaId": "D27EBC7C-4EE1-4574-9AFD-2868611D80B8"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "15.1.0",
|
|
"versionEndExcluding": "15.1.2.1",
|
|
"matchCriteriaId": "6ED8C663-038B-4071-9FF9-AE609F2DA4CD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "16.0.0",
|
|
"versionEndExcluding": "16.0.1.1",
|
|
"matchCriteriaId": "A7706F70-BF89-480E-9AA6-3FE447375138"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "14.1.0",
|
|
"versionEndExcluding": "14.1.3.1",
|
|
"matchCriteriaId": "86D94B31-6496-42B0-BA04-370C283C4641"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "15.1.0",
|
|
"versionEndExcluding": "15.1.2.1",
|
|
"matchCriteriaId": "F0AC967D-8D6D-44F5-88EF-A50F18979774"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "16.0.0",
|
|
"versionEndExcluding": "16.0.1.1",
|
|
"matchCriteriaId": "0A84A8D4-9047-46D2-9C26-03C977D47AE4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "14.1.0",
|
|
"versionEndExcluding": "14.1.3.1",
|
|
"matchCriteriaId": "BF641654-BDC0-4483-B6BA-D5566427E5C5"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "15.1.0",
|
|
"versionEndExcluding": "15.1.2.1",
|
|
"matchCriteriaId": "61BA4596-EFD4-483F-952D-4298B6CEFA9D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "16.0.0",
|
|
"versionEndExcluding": "16.0.1.1",
|
|
"matchCriteriaId": "6B9117DA-6AA9-4704-A092-B1D426E6370D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "14.1.0",
|
|
"versionEndExcluding": "14.1.3.1",
|
|
"matchCriteriaId": "2F630B15-9652-477D-ACDE-BB846FAA2D92"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "15.1.0",
|
|
"versionEndExcluding": "15.1.2.1",
|
|
"matchCriteriaId": "B462A70A-2504-4E8C-85C3-D771CDB34038"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "16.0.0",
|
|
"versionEndExcluding": "16.0.1.1",
|
|
"matchCriteriaId": "4AE6833C-FF7C-4249-BF98-453645EEF8D9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "14.1.0",
|
|
"versionEndExcluding": "14.1.3.1",
|
|
"matchCriteriaId": "6FB29F87-8F6B-452A-9A9B-B7680C37CE43"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "15.1.0",
|
|
"versionEndExcluding": "15.1.2.1",
|
|
"matchCriteriaId": "5591E2A0-9D8E-42D2-99E0-62738897762D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "16.0.0",
|
|
"versionEndExcluding": "16.0.1.1",
|
|
"matchCriteriaId": "51E3E0A3-8A75-43F8-8E8A-0C07345B88FD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "14.1.0",
|
|
"versionEndExcluding": "14.1.3.1",
|
|
"matchCriteriaId": "A0B1C52A-361A-46BD-9531-96C69F011EBC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "15.1.0",
|
|
"versionEndExcluding": "15.1.2.1",
|
|
"matchCriteriaId": "50F6CC82-CAC7-426C-94F0-9E8E26CF61E0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "16.0.0",
|
|
"versionEndExcluding": "16.0.1.1",
|
|
"matchCriteriaId": "7BB77EFF-A064-4475-A93C-5D5BA9313724"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "14.1.0",
|
|
"versionEndExcluding": "14.1.3.1",
|
|
"matchCriteriaId": "D288196E-3937-4531-9571-07893BEE7296"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "15.1.0",
|
|
"versionEndExcluding": "15.1.2.1",
|
|
"matchCriteriaId": "29A3450E-EA73-4E17-B371-92F55EF6E1A9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "16.0.0",
|
|
"versionEndExcluding": "16.0.1.1",
|
|
"matchCriteriaId": "40239D12-142E-4D36-A89E-0F7AB91B665A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "14.1.0",
|
|
"versionEndExcluding": "14.1.3.1",
|
|
"matchCriteriaId": "95CD946B-331A-44F5-8F64-26411E909F13"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "15.1.0",
|
|
"versionEndExcluding": "15.1.2.1",
|
|
"matchCriteriaId": "D4D4B28E-43B5-4132-A4EC-B20B9F85964A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "16.0.0",
|
|
"versionEndExcluding": "16.0.1.1",
|
|
"matchCriteriaId": "87CA1319-92D4-4C2F-B5D4-A2E86F538007"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "14.1.0",
|
|
"versionEndExcluding": "14.1.3.1",
|
|
"matchCriteriaId": "91346E36-BACA-4562-9903-9E4B7EA74834"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "15.1.0",
|
|
"versionEndExcluding": "15.1.2.1",
|
|
"matchCriteriaId": "626E1218-868C-4328-99DA-62785C6771DF"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "16.0.0",
|
|
"versionEndExcluding": "16.0.1.1",
|
|
"matchCriteriaId": "7FE9EF68-055B-40B2-A676-C4C7FAAF77B3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "14.1.0",
|
|
"versionEndExcluding": "14.1.3.1",
|
|
"matchCriteriaId": "AD6C7A28-1569-44B0-BE80-7472F5ED5059"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "15.1.0",
|
|
"versionEndExcluding": "15.1.2.1",
|
|
"matchCriteriaId": "044F30A3-6B2E-4C38-8705-D291CD3CB287"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "16.0.0",
|
|
"versionEndExcluding": "16.0.1.1",
|
|
"matchCriteriaId": "BD28DA4B-F671-41B8-B231-24D28682FE8F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "14.1.0",
|
|
"versionEndExcluding": "14.1.3.1",
|
|
"matchCriteriaId": "1C78B434-86B3-49AE-B93D-3A8F743DE00F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "15.1.0",
|
|
"versionEndExcluding": "15.1.2.1",
|
|
"matchCriteriaId": "1D513ACA-0D21-4CE0-88C1-DCA812F62C05"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "16.0.0",
|
|
"versionEndExcluding": "16.0.1.1",
|
|
"matchCriteriaId": "47980A60-F9B6-47EE-AD74-4D6D03A71AD0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "14.1.0",
|
|
"versionEndExcluding": "14.1.3.1",
|
|
"matchCriteriaId": "B6D8C63D-D669-414C-8AF1-2F3A993D6B75"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "15.1.0",
|
|
"versionEndExcluding": "15.1.2.1",
|
|
"matchCriteriaId": "86607F4A-555F-4842-AFA8-34EB7484FA2E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "16.0.0",
|
|
"versionEndExcluding": "16.0.1.1",
|
|
"matchCriteriaId": "B0901863-B55A-4C97-B9AC-B537D242D2BF"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "14.1.0",
|
|
"versionEndExcluding": "14.1.3.1",
|
|
"matchCriteriaId": "72914086-C966-46CF-AE19-6F70EA05FEF1"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "15.1.0",
|
|
"versionEndExcluding": "15.1.2.1",
|
|
"matchCriteriaId": "43CB3FEA-4127-460B-846E-81B6C985DEAA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "16.0.0",
|
|
"versionEndExcluding": "16.0.1.1",
|
|
"matchCriteriaId": "85065C6E-71F2-42B8-A169-51174987B8AF"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "14.1.0",
|
|
"versionEndExcluding": "14.1.3.1",
|
|
"matchCriteriaId": "201CB36E-0ED5-4B8E-9FCC-67643C99F3CC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "15.1.0",
|
|
"versionEndExcluding": "15.1.2.1",
|
|
"matchCriteriaId": "9363BF22-DA96-4691-AD24-EECF6D9FCBEB"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "16.0.0",
|
|
"versionEndExcluding": "16.0.1.1",
|
|
"matchCriteriaId": "E4ADE8D9-D1EF-4591-AB3C-93D06BE701EC"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "https://support.f5.com/csp/article/K21971977",
|
|
"source": "f5sirt@f5.com",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
}
|
|
]
|
|
} |