On BIG-IP 15.1.x before 15.1.3, 14.1.x before 14.1.4.2, 13.1.0.8 through 13.1.3.6, and all versions of 16.0.x, when running in Appliance Mode, an authenticated user assigned the 'Administrator' role may be able to bypass Appliance Mode restrictions utilizing undisclosed iControl REST endpoints. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
References
Link | Resource |
---|---|
https://support.f5.com/csp/article/K74151369 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: f5
Published: 2021-05-10T14:40:14
Updated: 2021-05-10T14:40:14
Reserved: 2021-01-06T00:00:00
Link: CVE-2021-23015
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-05-10T15:15:07.493
Modified: 2021-05-24T18:02:59.783
Link: CVE-2021-23015
JSON object: View
Redhat Information
No data.
CWE