CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: Nov 17, 2021

CVE-2021-22986

High

CVSS 9.8EPSS 94.5%CISA KEVPoC AvailableRansomware

F5/BIG-IP and BIG-IQ Centralized Management

Description

F5 BIG-IP and BIG-IQ Centralized Management contain a remote code execution vulnerability in the iControl REST interface that allows unauthenticated attackers with network access to execute system commands, create or delete files, and disable services.

CVSS Score

9.8/ 10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS — Exploit Probability

94.5%

Higher than 100.0% of all CVEs

Weakness Classification (CWE)

CWE-918Server-Side Request ForgeryMITRE

Known Exploits

POC

http://packetstormsecurity.com/files/162059/F5-iControl-Server-Side-Request-Forgery-Remote-Command-Execution.htmlExploit http://packetstormsecurity.com/files/162066/F5-BIG-IP-16.0.x-Remote-Code-Execution.htmlExploit http://packetstormsecurity.com/files/162059/F5-iControl-Server-Side-Request-Forgery-Remote-Command-Execution.htmlExploit http://packetstormsecurity.com/files/162066/F5-BIG-IP-16.0.x-Remote-Code-Execution.htmlExploit

Required Action

https://nvd.nist.gov/vuln/detail/CVE-2021-22986

Risk Assessment

CRITICAL

In CISA KEV

Known exploit

Critical CVSS

High EPSS

Ransomware

Details

Severity: High
CVSS: 9.8
EPSS: 94.5%
CWE: CWE-918
Exploit: POC
CISA KEV: Yes
Ransomware: Known
Articles: 0

Timeline

Published

Nov 3, 2021

Added to KEV

Nov 3, 2021

Remediation Due

Nov 17, 2021

Affected Product

BIG-IP and BIG-IQ Centralized Management

View all F5 CVEs

External Links

NVD (NIST)CVE Details MITRE CVE