CVE-2021-22986 - F5 BIG-IP and BIG-IQ Centralized Management iControl REST Remote Code Execution Vulnerability
Project:F5
Product:BIG-IP and BIG-IQ Centralized Management
Date Added:2021-11-03Due Date:2021-11-17
Vulnerability Name
F5 BIG-IP and BIG-IQ Centralized Management iControl REST Remote Code Execution Vulnerability
Description
F5 BIG-IP and BIG-IQ Centralized Management contain a remote code execution vulnerability in the iControl REST interface that allows unauthenticated attackers with network access to execute system commands, create or delete files, and disable services.
Known To Be Used in Ransomware Campaigns?
Known
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-22986