ID
VAR-202102-0807
CVE
CVE-2021-22982
TITLE
BIG-IP DNS and GTM Buffer Overflow Vulnerability in Linux
Trust: 0.8
sources:
JVNDB: JVNDB-2021-003749
DESCRIPTION
On BIG-IP DNS and GTM version 13.1.x before 13.1.0.4, and all versions of 12.1.x and 11.6.x, big3d does not securely handle and parse certain payloads resulting in a buffer overflow. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated. BIG-IP DNS and GTM Contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state
Trust: 1.71
sources:
NVD: CVE-2021-22982 //
JVNDB: JVNDB-2021-003749 //
VULHUB: VHN-381468
AFFECTED PRODUCTS
| vendor: | f5 | model: | big-ip domain name system | scope: | gte | version: | 12.1.0 | Trust: 1.0 |
| vendor: | f5 | model: | big-ip domain name system | scope: | lte | version: | 12.1.5 | Trust: 1.0 |
| vendor: | f5 | model: | big-ip global traffic manager | scope: | gte | version: | 11.6.1 | Trust: 1.0 |
| vendor: | f5 | model: | big-ip global traffic manager | scope: | lte | version: | 11.6.5 | Trust: 1.0 |
| vendor: | f5 | model: | big-ip domain name system | scope: | lt | version: | 13.1.0.4 | Trust: 1.0 |
| vendor: | f5 | model: | big-ip domain name system | scope: | gte | version: | 13.1.0 | Trust: 1.0 |
| vendor: | f5 | model: | big-ip domain name system | scope: | - | version: | - | Trust: 0.8 |
| vendor: | f5 | model: | big-ip global traffic manager | scope: | - | version: | - | Trust: 0.8 |
sources:
JVNDB: JVNDB-2021-003749 //
NVD: CVE-2021-22982
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
sources:
VULHUB: VHN-381468 //
JVNDB: JVNDB-2021-003749 //
CNNVD: CNNVD-202102-1066 //
NVD: CVE-2021-22982
PROBLEMTYPE DATA
| problemtype: | CWE-120 | Trust: 1.1 |
| problemtype: | Classic buffer overflow (CWE-120) [NVD Evaluation ] | Trust: 0.8 |
sources:
VULHUB: VHN-381468 //
JVNDB: JVNDB-2021-003749 //
NVD: CVE-2021-22982
THREAT TYPE
remote
Trust: 0.6
sources:
CNNVD: CNNVD-202102-1066
TYPE
buffer error
Trust: 0.6
sources:
CNNVD: CNNVD-202102-1066
PATCH
| title: | K72708443 | url: | https://support.f5.com/csp/article/K72708443 | Trust: 0.8 |
| title: | AskF5 BIG-IP Buffer error vulnerability fix | url: | http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=142103 | Trust: 0.6 |
sources:
JVNDB: JVNDB-2021-003749 //
CNNVD: CNNVD-202102-1066
EXTERNAL IDS
| db: | NVD | id: | CVE-2021-22982 | Trust: 2.5 |
| db: | JVNDB | id: | JVNDB-2021-003749 | Trust: 0.8 |
| db: | AUSCERT | id: | ESB-2021.0513 | Trust: 0.6 |
| db: | CNNVD | id: | CNNVD-202102-1066 | Trust: 0.6 |
| db: | VULHUB | id: | VHN-381468 | Trust: 0.1 |
sources:
VULHUB: VHN-381468 //
JVNDB: JVNDB-2021-003749 //
CNNVD: CNNVD-202102-1066 //
NVD: CVE-2021-22982
REFERENCES
| url: | https://support.f5.com/csp/article/k72708443 | Trust: 1.7 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2021-22982 | Trust: 1.4 |
| url: | https://vigilance.fr/vulnerability/f5-big-ip-dns-gtm-buffer-overflow-via-big3d-agent-34563 | Trust: 0.6 |
| url: | https://www.auscert.org.au/bulletins/esb-2021.0513 | Trust: 0.6 |
sources:
VULHUB: VHN-381468 //
JVNDB: JVNDB-2021-003749 //
CNNVD: CNNVD-202102-1066 //
NVD: CVE-2021-22982
SOURCES
| db: | VULHUB | id: | VHN-381468 |
| db: | JVNDB | id: | JVNDB-2021-003749 |
| db: | CNNVD | id: | CNNVD-202102-1066 |
| db: | NVD | id: | CVE-2021-22982 |
LAST UPDATE DATE
2024-11-23T22:47:42.111000+00:00
SOURCES UPDATE DATE
| db: | VULHUB | id: | VHN-381468 | date: | 2021-02-17T00:00:00 |
| db: | JVNDB | id: | JVNDB-2021-003749 | date: | 2021-11-04T06:01:00 |
| db: | CNNVD | id: | CNNVD-202102-1066 | date: | 2021-02-22T00:00:00 |
| db: | NVD | id: | CVE-2021-22982 | date: | 2024-11-21T05:51:03.863 |
SOURCES RELEASE DATE
| db: | VULHUB | id: | VHN-381468 | date: | 2021-02-12T00:00:00 |
| db: | JVNDB | id: | JVNDB-2021-003749 | date: | 2021-11-04T00:00:00 |
| db: | CNNVD | id: | CNNVD-202102-1066 | date: | 2021-02-11T00:00:00 |
| db: | NVD | id: | CVE-2021-22982 | date: | 2021-02-12T18:15:12.860 |