ID

VAR-202105-0643


CVE

CVE-2021-23008


TITLE

Authentication vulnerabilities in BIG-IP APM

Trust: 0.8

sources: JVNDB: JVNDB-2021-006798

DESCRIPTION

On version 15.1.x before 15.1.3, 14.1.x before 14.1.4, 13.1.x before 13.1.4, 12.1.x before 12.1.6, and all versions of 16.0.x and 11.6.x, BIG-IP APM AD (Active Directory) authentication can be bypassed via a spoofed AS-REP (Kerberos Authentication Service Response) response sent over a hijacked KDC (Kerberos Key Distribution Center) connection or from an AD server compromised by an attacker. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

BIG-IP APM contains an authentication vulnerability. Information may be obtained or tampered with, and the service may be put into a denial-of-service (DoS) state.

Pillow is a Python-based image processing library. There is currently no information about this vulnerability; please follow CNNVD or manufacturer announcements.

F5 BIG-IP APM is a set of access and security solutions from F5 Corporation of the United States. The product provides unified access to business-critical applications and networks. An authorization issue vulnerability exists in BIG-IP APM due to an error in processing authentication requests.

The following products and versions are affected: BIG-IP APM: 11.5.2, 11.5.3, 11.5.4, 11.5.4 HF4, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.5.9, 11.5.10, 12.1.0, 12.1.0 HF1, 12.1.1, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.4, 12.1.4, 12.1.5, 12.1.5.1, 12.1.5.2, 12.1.5.3, 13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.6, 13.1.0.8, 13.1.1, 13.1.1.2, 13.1.1.5, 13.1.3, 13.1.3.1, 13.1.3.2, 13.1.3.4, 13.1.3.5, 13.1.3.6, 13.1.3.6 2, 14.1.0, 14.1.0.3.0.79.6 ENG Hotfix, 14.1.0.3.0.97.6 ENG Hotfix, 14.1.0.3.0.99.6 ENG Hotfix, 14.1.0.5.0.15.5 ENG Hotfix, 14.1.0.5.0.36.5 ENG Hotfix, 14.1.0.5.0.40.5 ENG Hotfix, 14.1.0.6, 14.1.0.6.0.11.9 ENG Hotfix, 14.1.0.6.0.14.9 ENG Hotfix, 14.1.0.6.0.68.9 ENG Hotfix, 14.1.0.6.0.70.9 ENG Hotfix, 14.1.1, 14.1.2, 14.1.2-0.89.37, 14.1.2.0.11

Trust: 2.34

sources: NVD: CVE-2021-23008 // JVNDB: JVNDB-2021-006798 // CNNVD: CNNVD-202104-975 // VULHUB: VHN-381494 // VULMON: CVE-2021-23008

AFFECTED PRODUCTS

vendor: f5, model: big-ip access policy manager, scope: lt, version: 11.6.5

Trust: 1.0

vendor: f5, model: big-ip access policy manager, scope: lt, version: 16.0.1

Trust: 1.0

vendor: f5, model: big-ip access policy manager, scope: gte, version: 14.1.0

Trust: 1.0

vendor: f5, model: big-ip access policy manager, scope: gte, version: 16.0.0

Trust: 1.0

vendor: f5, model: big-ip access policy manager, scope: lt, version: 14.1.3

Trust: 1.0

vendor: f5, model: big-ip access policy manager, scope: lt, version: 12.1.5

Trust: 1.0

vendor: f5, model: big-ip access policy manager, scope: lt, version: 15.1.2

Trust: 1.0

vendor: f5, model: big-ip access policy manager, scope: gte, version: 12.1.0

Trust: 1.0

vendor: f5, model: big-ip access policy manager, scope: lt, version: 13.1.3

Trust: 1.0

vendor: f5, model: big-ip access policy manager, scope: gte, version: 13.1.0

Trust: 1.0

vendor: f5, model: big-ip access policy manager, scope: gte, version: 15.0.0

Trust: 1.0

vendor: f5, model: big-ip access policy manager, scope: gte, version: 11.5.2

Trust: 1.0

vendor: f5, model: big-ip access policy manager, scope: eq, version: -

Trust: 0.8

vendor: f5, model: big-ip access policy manager, scope: eq, version: 14.1.4

Trust: 0.8

vendor: f5, model: big-ip access policy manager, scope: lt, version: 15.1.x

Trust: 0.8

vendor: f5, model: big-ip access policy manager, scope: lt, version: 12.1.x

Trust: 0.8

vendor: f5, model: big-ip access policy manager, scope: eq, version: 15.1.3

Trust: 0.8

vendor: f5, model: big-ip access policy manager, scope: eq, version: 12.1.6

Trust: 0.8

vendor: f5, model: big-ip access policy manager, scope: eq, version: 16.0.x

Trust: 0.8

vendor: f5, model: big-ip access policy manager, scope: lt, version: 14.1.x

Trust: 0.8

vendor: f5, model: big-ip access policy manager, scope: eq, version: 11.6.x

Trust: 0.8

vendor: f5, model: big-ip access policy manager, scope: eq, version: 13.1.4

Trust: 0.8

vendor: f5, model: big-ip access policy manager, scope: lt, version: 13.1.x

Trust: 0.8

sources: JVNDB: JVNDB-2021-006798 // NVD: CVE-2021-23008

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-23008
value: CRITICAL

Trust: 1.0

NVD: CVE-2021-23008
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-202104-975
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202104-2123
value: CRITICAL

Trust: 0.6

VULHUB: VHN-381494
value: HIGH

Trust: 0.1

VULMON: CVE-2021-23008
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2021-23008
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-381494
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-23008
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2021-23008
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-381494 // VULMON: CVE-2021-23008 // JVNDB: JVNDB-2021-006798 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202104-2123 // NVD: CVE-2021-23008

PROBLEMTYPE DATA

problemtype: CWE-287

Trust: 1.1

problemtype: Improper authentication (CWE-287) [NVD Evaluation]

Trust: 0.8

sources: VULHUB: VHN-381494 // JVNDB: JVNDB-2021-006798 // NVD: CVE-2021-23008

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202104-2123

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202104-975

PATCH

title: K51213246, url: https://support.f5.com/csp/article/K51213246

Trust: 0.8

title: F5 BIG-IP APM Remediation measures for authorization problem vulnerabilities, url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=151189

Trust: 0.6

title: -, url: https://threatpost.com/f5-big-ip-security-bypass/165735/

Trust: 0.1

sources: VULMON: CVE-2021-23008 // JVNDB: JVNDB-2021-006798 // CNNVD: CNNVD-202104-2123

EXTERNAL IDS

db: NVD, id: CVE-2021-23008

Trust: 3.4

db: JVNDB, id: JVNDB-2021-006798

Trust: 0.8

db: CS-HELP, id: SB2021041363

Trust: 0.6

db: CNNVD, id: CNNVD-202104-975

Trust: 0.6

db: AUSCERT, id: ESB-2021.1450

Trust: 0.6

db: CS-HELP, id: SB2021042905

Trust: 0.6

db: CNNVD, id: CNNVD-202104-2123

Trust: 0.6

db: VULHUB, id: VHN-381494

Trust: 0.1

db: VULMON, id: CVE-2021-23008

Trust: 0.1

sources: VULHUB: VHN-381494 // VULMON: CVE-2021-23008 // JVNDB: JVNDB-2021-006798 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202104-2123 // NVD: CVE-2021-23008

REFERENCES

url: https://support.f5.com/csp/article/k51213246

Trust: 1.8

url: https://nvd.nist.gov/vuln/detail/cve-2021-23008

Trust: 0.8

url: https://www.cybersecurity-help.cz/vdb/sb2021041363

Trust: 0.6

url: https://www.auscert.org.au/bulletins/esb-2021.1450

Trust: 0.6

url: https://vigilance.fr/vulnerability/f5-big-ip-privilege-escalation-via-active-directory-35191

Trust: 0.6

url: https://www.cybersecurity-help.cz/vdb/sb2021042905

Trust: 0.6

url: https://cwe.mitre.org/data/definitions/287.html

Trust: 0.1

url: https://nvd.nist.gov

Trust: 0.1

url: https://threatpost.com/f5-big-ip-security-bypass/165735/

Trust: 0.1

sources: VULHUB: VHN-381494 // VULMON: CVE-2021-23008 // JVNDB: JVNDB-2021-006798 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202104-2123 // NVD: CVE-2021-23008

SOURCES

db: VULHUB, id: VHN-381494
db: VULMON, id: CVE-2021-23008
db: JVNDB, id: JVNDB-2021-006798
db: CNNVD, id: CNNVD-202104-975
db: CNNVD, id: CNNVD-202104-2123
db: NVD, id: CVE-2021-23008

LAST UPDATE DATE

2024-08-14T12:21:56.586000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-381494, date: 2021-05-19T00:00:00
db: VULMON, id: CVE-2021-23008, date: 2021-05-19T00:00:00
db: JVNDB, id: JVNDB-2021-006798, date: 2022-01-20T07:25:00
db: CNNVD, id: CNNVD-202104-975, date: 2021-04-14T00:00:00
db: CNNVD, id: CNNVD-202104-2123, date: 2021-05-20T00:00:00
db: NVD, id: CVE-2021-23008, date: 2021-05-19T18:20:25.343

SOURCES RELEASE DATE

db: VULHUB, id: VHN-381494, date: 2021-05-10T00:00:00
db: VULMON, id: CVE-2021-23008, date: 2021-05-10T00:00:00
db: JVNDB, id: JVNDB-2021-006798, date: 2022-01-20T00:00:00
db: CNNVD, id: CNNVD-202104-975, date: 2021-04-13T00:00:00
db: CNNVD, id: CNNVD-202104-2123, date: 2021-04-29T00:00:00
db: NVD, id: CVE-2021-23008, date: 2021-05-10T14:15:07.483