F5 Networks: K55237223 (CVE-2021-22993): BIG-IP Advanced WAF and ASM XSS vulnerability CVE-2021-22993
Description
Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.From K55237223:An attacker can inject a malicious script into the BIG-IP Advanced WAF and ASM Configuration utility and trick users into executing malicious code.
Solution(s)
f5-big-ip-upgrade-latest
Referenceshttps://support.f5.com/csp/article/K55237223CVE-2021-22993