What is CVE-2015-8021?

CVE-2015-8021 is a medium-severity vulnerability in F5 Big-ip_access_policy_manager, classified under Improper Access Control. CVSS score: 4.3/10. Published 2016-04-12.

How severe is CVE-2015-8021?

Medium severity. CVSS v3 base score is 4.3 out of 10.

Vulnerability in F5 Big-ip_access_policy_manager

CVE-2015-8021

Incomplete blacklist vulnerability in the Configuration utility in F5 BIG-IP LTM, Analytics, APM, ASM, GTM, Link Controller, and PSM 11.x before 11.2.1 HF11, 11.3.x, 11.4.0 before HF8, and 11.4.1 before HF6; BIG-IP AAM 11.4.0 before HF8 an…

EPSS: 0.001 (29.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.3 (Medium). Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N.

Affected products

F5 Big-ip_access_policy_manager — versions 11.0.0, 11.1.0, 11.2.0
F5 Big-ip_advanced_firewall_manager — versions 11.3.0, 11.4.0, 11.4.1
F5 Big-ip_analytics — versions 11.0.0, 11.1.0, 11.2.0
F5 Big-ip_application_acceleration_manager — versions 11.4.0, 11.4.1
F5 Big-ip_application_security_manager — versions 11.0.0, 11.1.0, 11.2.0
F5 Big-ip_edge_gateway — versions 11.0.0, 11.1.0, 11.2.0
F5 Big-ip_global_traffic_manager — versions 11.0.0, 11.1.0, 11.2.0
F5 Big-ip_link_controller — versions 11.0.0, 11.1.0, 11.2.0
F5 Big-ip_local_traffic_manager — versions 11.0.0, 11.1.0, 11.2.0
F5 Big-ip_policy_enforcement_manager — versions 11.3.0, 11.4.0, 11.4.1

Weakness classification (CWE)

CWE-284 — Improper Access Control

References

82340 (vdb-entry, x_refsource_BID)
cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
1034781 (vdb-entry, x_refsource_SECTRACK)

Frequently asked questions

What is CVE-2015-8021?: CVE-2015-8021 is a medium-severity vulnerability in F5 Big-ip_access_policy_manager, classified under Improper Access Control. CVSS score: 4.3/10. Published 2016-04-12.
How severe is CVE-2015-8021?: Medium severity. CVSS v3 base score is 4.3 out of 10.