PT-2021-15315 · F5 · Big-Ip Gtm+2

Published

2021-02-12

Updated

2021-02-17

CVE-2021-22982

CVSS v3.1

7.2

High

Vector

AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions BIG-IP DNS and GTM versions 11.6.x BIG-IP DNS and GTM versions 12.1.x BIG-IP DNS and GTM versions 13.1.x before 13.1.0.4

Description The issue arises from the insecure handling and parsing of certain payloads by big3d, resulting in a buffer overflow.

Recommendations For versions 11.6.x, update to a version that is still supported and has the fix. For versions 12.1.x, update to a version that is still supported and has the fix. For versions 13.1.x before 13.1.0.4, update to version 13.1.0.4 or later.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120

Related Identifiers

CVE-2021-22982

Affected Products

Big-Ip Dns

Big-Ip Gtm

Big3D

PT-2021-15315 · F5 · Big-Ip Gtm+2

CVE-2021-22982

Weakness Enumeration

Related Identifiers

Affected Products

References · 4