Details of VAR-202103-0818

ID

VAR-202103-0818

CVE

CVE-2021-22998

TITLE

BIG-IP Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2021-005130

DESCRIPTION

On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, 12.1.x before 12.1.5.3, and 11.6.x before 11.6.5.3, SYN flood protection thresholds are not enforced in secure network address translation (SNAT) listeners. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated. BIG-IP Contains an unspecified vulnerability.Denial of service (DoS) It may be put into a state. F5 BIG-IP is an application delivery platform integrated with network traffic management, application security management, load balancing and other functions of the US company F5. A security vulnerability exists in the F5 BIG-IP that could allow an attacker to trigger a fatal error that could trigger a denial of service

Trust: 1.71

sources: NVD: CVE-2021-22998 // JVNDB: JVNDB-2021-005130 // VULHUB: VHN-381484

AFFECTED PRODUCTS

vendor:	f5	model:	big-ip local traffic manager	scope:	lt	version:	15.1.2.1	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	gte	version:	13.1.0	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	lt	version:	15.1.2.1	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	lt	version:	12.1.5.3	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	gte	version:	16.0.0	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	gte	version:	15.1.0	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	lt	version:	15.1.2.1	Trust: 1.0
vendor:	f5	model:	big-ip ddos hybrid defender	scope:	gte	version:	13.1.0	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	lt	version:	12.1.5.3	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	gte	version:	14.1.0	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	gte	version:	11.6.1	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	lt	version:	12.1.5.3	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	lt	version:	14.1.4	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	lt	version:	12.1.5.3	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	gte	version:	15.1.0	Trust: 1.0
vendor:	f5	model:	ssl orchestrator	scope:	gte	version:	13.1.0	Trust: 1.0
vendor:	f5	model:	big-ip fraud protection service	scope:	gte	version:	13.1.0	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	lt	version:	15.1.2.1	Trust: 1.0
vendor:	f5	model:	big-ip ddos hybrid defender	scope:	gte	version:	11.6.1	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	gte	version:	13.1.0	Trust: 1.0
vendor:	f5	model:	big-ip fraud protection service	scope:	lt	version:	15.1.2.1	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	gte	version:	14.1.0	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	gte	version:	11.6.1	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	gte	version:	16.0.0	Trust: 1.0
vendor:	f5	model:	ssl orchestrator	scope:	gte	version:	11.6.1	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	lt	version:	12.1.5.3	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	lt	version:	13.1.3.6	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	gte	version:	15.1.0	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	lt	version:	11.6.5.3	Trust: 1.0
vendor:	f5	model:	big-ip advanced web application firewall	scope:	lt	version:	16.0.1.1	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	lt	version:	14.1.4	Trust: 1.0
vendor:	f5	model:	big-ip fraud protection service	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	gte	version:	13.1.0	Trust: 1.0
vendor:	f5	model:	ssl orchestrator	scope:	lt	version:	14.1.4	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	lt	version:	12.1.5.3	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	lt	version:	13.1.3.6	Trust: 1.0
vendor:	f5	model:	big-ip advanced web application firewall	scope:	lt	version:	14.1.4	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	lt	version:	11.6.5.3	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	gte	version:	13.1.0	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	lt	version:	14.1.4	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	lt	version:	13.1.3.6	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	lt	version:	11.6.5.3	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	gte	version:	11.6.1	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	lt	version:	13.1.3.6	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	lt	version:	15.1.2.1	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	lt	version:	11.6.5.3	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	lt	version:	13.1.3.6	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	gte	version:	15.1.0	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	gte	version:	13.1.0	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	gte	version:	11.6.1	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	gte	version:	16.0.0	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	gte	version:	14.1.0	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	lt	version:	12.1.5.3	Trust: 1.0
vendor:	f5	model:	big-ip advanced web application firewall	scope:	gte	version:	16.0.0	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	gte	version:	16.0.0	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	gte	version:	13.1.0	Trust: 1.0
vendor:	f5	model:	big-ip ddos hybrid defender	scope:	lt	version:	16.0.1.1	Trust: 1.0
vendor:	f5	model:	big-ip ddos hybrid defender	scope:	lt	version:	13.1.3.6	Trust: 1.0
vendor:	f5	model:	big-ip ddos hybrid defender	scope:	lt	version:	11.6.5.3	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	lt	version:	13.1.3.6	Trust: 1.0
vendor:	f5	model:	big-ip ddos hybrid defender	scope:	gte	version:	14.1.0	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	lt	version:	11.6.5.3	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	gte	version:	11.6.1	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	lt	version:	15.1.2.1	Trust: 1.0
vendor:	f5	model:	big-ip ddos hybrid defender	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip fraud protection service	scope:	gte	version:	15.1.0	Trust: 1.0
vendor:	f5	model:	ssl orchestrator	scope:	lt	version:	15.1.2.1	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	gte	version:	15.1.0	Trust: 1.0
vendor:	f5	model:	ssl orchestrator	scope:	gte	version:	14.1.0	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	lt	version:	15.1.2.1	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	lt	version:	15.1.2.1	Trust: 1.0
vendor:	f5	model:	big-ip fraud protection service	scope:	gte	version:	14.1.0	Trust: 1.0
vendor:	f5	model:	ssl orchestrator	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	lt	version:	16.0.1.1	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	lt	version:	12.1.5.3	Trust: 1.0
vendor:	f5	model:	ssl orchestrator	scope:	lt	version:	12.1.5.3	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	gte	version:	14.1.0	Trust: 1.0
vendor:	f5	model:	big-ip fraud protection service	scope:	lt	version:	12.1.5.3	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	lt	version:	14.1.4	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	lt	version:	16.0.1.1	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	gte	version:	15.1.0	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	gte	version:	13.1.0	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	lt	version:	12.1.5.3	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	gte	version:	16.0.0	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	lt	version:	12.1.5.3	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	lt	version:	16.0.1.1	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	gte	version:	15.1.0	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	gte	version:	14.1.0	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	lt	version:	16.0.1.1	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	lt	version:	16.0.1.1	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	lt	version:	11.6.5.3	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	gte	version:	11.6.1	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	gte	version:	14.1.0	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	gte	version:	15.1.0	Trust: 1.0
vendor:	f5	model:	big-ip ddos hybrid defender	scope:	gte	version:	15.1.0	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	gte	version:	11.6.1	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	lt	version:	16.0.1.1	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	gte	version:	15.1.0	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	gte	version:	14.1.0	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	gte	version:	13.1.0	Trust: 1.0
vendor:	f5	model:	ssl orchestrator	scope:	gte	version:	15.1.0	Trust: 1.0
vendor:	f5	model:	big-ip ddos hybrid defender	scope:	lt	version:	14.1.4	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	lt	version:	14.1.4	Trust: 1.0
vendor:	f5	model:	big-ip fraud protection service	scope:	lt	version:	13.1.3.6	Trust: 1.0
vendor:	f5	model:	big-ip advanced web application firewall	scope:	gte	version:	13.1.0	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	lt	version:	15.1.2.1	Trust: 1.0
vendor:	f5	model:	big-ip fraud protection service	scope:	lt	version:	11.6.5.3	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	gte	version:	13.1.0	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	gte	version:	14.1.0	Trust: 1.0
vendor:	f5	model:	big-ip advanced web application firewall	scope:	lt	version:	15.1.2.1	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	lt	version:	13.1.3.6	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	lt	version:	11.6.5.3	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	gte	version:	16.0.0	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	gte	version:	11.6.1	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip ddos hybrid defender	scope:	gte	version:	16.0.0	Trust: 1.0
vendor:	f5	model:	big-ip advanced web application firewall	scope:	gte	version:	11.6.1	Trust: 1.0
vendor:	f5	model:	big-ip advanced web application firewall	scope:	lt	version:	12.1.5.3	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	gte	version:	11.6.1	Trust: 1.0
vendor:	f5	model:	big-ip advanced web application firewall	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	lt	version:	14.1.4	Trust: 1.0
vendor:	f5	model:	ssl orchestrator	scope:	gte	version:	16.0.0	Trust: 1.0
vendor:	f5	model:	big-ip fraud protection service	scope:	gte	version:	16.0.0	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	lt	version:	16.0.1.1	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	lt	version:	13.1.3.6	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	lt	version:	14.1.4	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	lt	version:	11.6.5.3	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	gte	version:	16.0.0	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	gte	version:	13.1.0	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	lt	version:	14.1.4	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	lt	version:	14.1.4	Trust: 1.0
vendor:	f5	model:	big-ip ddos hybrid defender	scope:	lt	version:	15.1.2.1	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	gte	version:	16.0.0	Trust: 1.0
vendor:	f5	model:	big-ip advanced web application firewall	scope:	gte	version:	14.1.0	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	lt	version:	16.0.1.1	Trust: 1.0
vendor:	f5	model:	big-ip ddos hybrid defender	scope:	lt	version:	12.1.5.3	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	lt	version:	13.1.3.6	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	lt	version:	11.6.5.3	Trust: 1.0
vendor:	f5	model:	ssl orchestrator	scope:	lt	version:	16.0.1.1	Trust: 1.0
vendor:	f5	model:	ssl orchestrator	scope:	lt	version:	13.1.3.6	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	gte	version:	16.0.0	Trust: 1.0
vendor:	f5	model:	ssl orchestrator	scope:	lt	version:	11.6.5.3	Trust: 1.0
vendor:	f5	model:	big-ip fraud protection service	scope:	gte	version:	11.6.1	Trust: 1.0
vendor:	f5	model:	big-ip fraud protection service	scope:	lt	version:	16.0.1.1	Trust: 1.0
vendor:	f5	model:	big-ip advanced web application firewall	scope:	lt	version:	13.1.3.6	Trust: 1.0
vendor:	f5	model:	big-ip advanced web application firewall	scope:	lt	version:	11.6.5.3	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	lt	version:	16.0.1.1	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	gte	version:	15.1.0	Trust: 1.0
vendor:	f5	model:	big-ip advanced web application firewall	scope:	gte	version:	15.1.0	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	gte	version:	11.6.1	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	lt	version:	16.0.1.1	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	lt	version:	13.1.3.6	Trust: 1.0
vendor:	f5	model:	big-ip fraud protection service	scope:	lt	version:	14.1.4	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	lt	version:	11.6.5.3	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	lt	version:	15.1.2.1	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	gte	version:	14.1.0	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	lt	version:	14.1.4	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	gte	version:	16.0.0	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	gte	version:	14.1.0	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip access policy manager	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip advanced web application firewall	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip advanced firewall manager	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip global traffic manager	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip ddos hybrid defender	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip analytics	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip domain name system	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip fraud protection service	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip application acceleration manager	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2021-005130 // NVD: CVE-2021-22998

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-22998
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2021-22998
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202103-775
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-381484
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2021-22998
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-381484
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2021-22998
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	LOW
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.1
Trust: 1.0
NVD:	CVE-2021-22998
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	LOW
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-381484 // JVNDB: JVNDB-2021-005130 // CNNVD: CNNVD-202103-775 // NVD: CVE-2021-22998

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	Lack of information (CWE-noinfo) [NVD Evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2021-005130 // NVD: CVE-2021-22998

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202103-775

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202103-775

PATCH

title:	K31934524	url:	https://support.f5.com/csp/article/K31934524	Trust: 0.8
title:	F5 BIG-IP Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=146013	Trust: 0.6
title:	F5_Vulnerability	url:	https://github.com/DNTYO/F5_Vulnerability	Trust: 0.1

sources: VULMON: CVE-2021-22998 // JVNDB: JVNDB-2021-005130 // CNNVD: CNNVD-202103-775

EXTERNAL IDS

db:	NVD	id:	CVE-2021-22998	Trust: 2.6
db:	JVNDB	id:	JVNDB-2021-005130	Trust: 0.8
db:	CNNVD	id:	CNNVD-202103-775	Trust: 0.7
db:	AUSCERT	id:	ESB-2021.0873	Trust: 0.6
db:	VULHUB	id:	VHN-381484	Trust: 0.1
db:	VULMON	id:	CVE-2021-22998	Trust: 0.1

sources: VULHUB: VHN-381484 // VULMON: CVE-2021-22998 // JVNDB: JVNDB-2021-005130 // CNNVD: CNNVD-202103-775 // NVD: CVE-2021-22998

REFERENCES

url:	https://support.f5.com/csp/article/k31934524	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2021-22998	Trust: 1.4
url:	https://vigilance.fr/vulnerability/f5-big-ip-denial-of-service-via-snat-syn-flood-34810	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.0873	Trust: 0.6
url:	https://github.com/dntyo/f5_vulnerability	Trust: 0.1

sources: VULHUB: VHN-381484 // VULMON: CVE-2021-22998 // JVNDB: JVNDB-2021-005130 // CNNVD: CNNVD-202103-775 // NVD: CVE-2021-22998

SOURCES

db:	VULHUB	id:	VHN-381484
db:	VULMON	id:	CVE-2021-22998
db:	JVNDB	id:	JVNDB-2021-005130
db:	CNNVD	id:	CNNVD-202103-775
db:	NVD	id:	CVE-2021-22998

LAST UPDATE DATE

2024-11-23T21:34:48.918000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-381484	date:	2021-04-05T00:00:00
db:	VULMON	id:	CVE-2021-22998	date:	2021-04-05T00:00:00
db:	JVNDB	id:	JVNDB-2021-005130	date:	2021-12-08T04:37:00
db:	CNNVD	id:	CNNVD-202103-775	date:	2021-04-06T00:00:00
db:	NVD	id:	CVE-2021-22998	date:	2024-11-21T05:51:05.700

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-381484	date:	2021-03-31T00:00:00
db:	VULMON	id:	CVE-2021-22998	date:	2021-03-31T00:00:00
db:	JVNDB	id:	JVNDB-2021-005130	date:	2021-12-08T00:00:00
db:	CNNVD	id:	CNNVD-202103-775	date:	2021-03-10T00:00:00
db:	NVD	id:	CVE-2021-22998	date:	2021-03-31T18:15:15.097