CVE-2021-23033 - AskarLabs CVE Database

CVE-2021-23033

Vendor N/A

Product BIG-IP Advanced WAF and BIG-IP ASM

Weakness CWE-20 · Input validation

Published September 14, 2021

Last update August 3, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

On BIG-IP Advanced WAF and BIG-IP ASM version 16.x before 16.1.0x, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.3, 13.1.x before 13.1.4.1, and all versions of 12.1.x, when a WebSocket profile is configured on a virtual server, undisclosed requests can cause bd to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Key dates

02Disclosure timeline

September 14, 2021 CVE published

August 3, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2021-23033

Related vulnerabilities

04Related CVE

CVE-2018-0211 CVE-2021-1150 Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Command Injection Vulnerabilities CVE-2023-30991 IBM Db2 denial of service CVE-2026-26952 Pi-hole Web Interface has Stored HTML Injection via Local DNS Records (CNAME/Hosts) in data-tag Attribute CVE-2019-1716 Cisco IP Phone 7800 Series and 8800 Series Remote Code Execution Vulnerability