VYPR
Unrated severityNVD Advisory· Published Sep 14, 2021· Updated Aug 3, 2024

CVE-2021-23026

CVE-2021-23026

Description

BIG-IP version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.4.2, 13.1.x before 13.1.4.1, and all versions of 12.1.x and 11.6.x and all versions of BIG-IQ 8.x, 7.x, and 6.x are vulnerable to cross-site request forgery (CSRF) attacks through iControl SOAP. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Affected products

2
  • F5/BIG-IPdescription
  • F5, Inc./Big IPllm-fuzzy
    Range: < = 16.0.1.1, < = 15.1.2, < = 14.1.4.1, < = 13.1.4.0, = any 12.1.x, any 11.6.x

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.