CVE-2021-22990 : What You Need to Know

Learn about CVE-2021-22990 impacting BIG-IP ASM. Understand the RCE vulnerability, affected versions, and mitigation steps against authenticated remote command execution.

BIG-IP Advanced WAF or BIG-IP ASM versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, 12.1.x before 12.1.5.3, and 11.6.x before 11.6.5.3 are affected by an authenticated remote command execution vulnerability in undisclosed pages of the Traffic Management User Interface (TMUI).

Understanding CVE-2021-22990

This CVE identifies a Remote Code Execution (RCE) vulnerability affecting BIG-IP Advanced WAF or BIG-IP ASM.

What is CVE-2021-22990?

The CVE-2021-22990 vulnerability allows authenticated users to execute commands remotely through undisclosed pages in the TMUI.

The Impact of CVE-2021-22990

Exploitation of this vulnerability could lead to unauthorized command execution, potentially resulting in system compromise, data breaches, or service disruption.

Technical Details of CVE-2021-22990

The following technical details outline the vulnerability further:

Vulnerability Description

The BIG-IP Advanced WAF and BIG-IP ASM versions listed above are susceptible to authenticated remote command execution via undisclosed pages of the TMUI.

Affected Systems and Versions

Systems running the BIG-IP Advanced WAF or BIG-IP ASM versions listed above are at risk.
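The affected ranges can be turned into an inventory check. The following is an added example, not code from F5 or from this page; it assumes each device's version is available as a dotted string, that the device runs BIG-IP Advanced WAF or BIG-IP ASM, and the host names are constructed.

```python
import re

# First fixed release per branch, taken from the affected-version list on this page.
FIXED = {
    (16, 0): (16, 0, 1, 1),
    (15, 1): (15, 1, 2, 1),
    (14, 1): (14, 1, 4),
    (13, 1): (13, 1, 3, 6),
    (12, 1): (12, 1, 5, 3),
    (11, 6): (11, 6, 5, 3),
}

def parse_version(text):
    """Parse a dotted version such as '15.1.2.1' into a tuple of ints."""
    text = text.strip()
    if not re.fullmatch(r"\d+(\.\d+){1,3}", text):
        raise ValueError(f"unrecognized version string: {text!r}")
    return tuple(int(part) for part in text.split("."))

def pad(version, width=4):
    """Right-pad with zeros so that 14.1.4 compares equal to 14.1.4.0."""
    return version + (0,) * (width - len(version))

def classify(version):
    """Return 'affected', 'fixed', or 'not-listed' for one version string."""
    v = pad(parse_version(version))
    fixed = FIXED.get(v[:2])
    if fixed is None:
        # Branch does not appear in the page's list; do not guess its status.
        return "not-listed"
    return "affected" if v < pad(fixed) else "fixed"

def audit(inventory):
    """Map each host in {host: version} to its classification."""
    return {host: classify(ver) for host, ver in inventory.items()}

if __name__ == "__main__":
    # Constructed sample inventory (hypothetical hosts and versions).
    sample = {
        "waf-edge-01": "16.0.1",
        "waf-edge-02": "15.1.2.1",
        "waf-dc-01": "14.1.3.1",
        "waf-lab-01": "16.1.0",
    }
    for host, status in sorted(audit(sample).items()):
        print(f"{host}: {status}")
```

A "not-listed" result means the branch is outside the ranges given here and should be checked against the vendor advisory rather than treated as safe.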

Exploitation Mechanism

Exploitation involves authenticated users executing commands through the TMUI.

Mitigation and Prevention

To secure your systems against CVE-2021-22990, consider the following measures:

Immediate Steps to Take

        Apply security patches provided by F5 Networks immediately.
        Restrict access to the TMUI to authorized users.

Long-Term Security Practices

        Regularly monitor for security advisories and updates from F5 Networks.
        Implement strong authentication mechanisms and access controls.

Patching and Updates

Keep your BIG-IP Advanced WAF or BIG-IP ASM updated with the latest security patches and software versions to mitigate the risk of exploitation.
