Sunday, May 2, 2021

F5 Networks: K23203045 (CVE-2021-23014): BIG-IP Advanced WAF and ASM REST API vulnerability CVE-2021-23014

rapid7 vulnerabilities In: , 
Description
Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.From K23203045:If an attacker has network access to the BIG-IP Advanced WAF and ASM devices and has authenticated with guest privileges, the attacker could upload files to the BIG-IP Advanced WAF and ASM devices via the REST API. This may allow the attacker to upload and overwrite a limited set of files on BIG-IP Advanced WAF and ASM systems.
Solution(s)
  • f5-big-ip-upgrade-latest


    • References
  • https://support.f5.com/csp/article/K23203045
  • CVE-2021-23014




    •  

    Copyright © 2021 Vulnerability Database | Cyber Details™

    thank you Templateism for the design - You should have written the code a little more complicated - Nothing Encrypted anymore