What is CVE-2021-22991?

CVE-2021-22991 is a vulnerability in Big-ip. Published 2021-03-31.

Is CVE-2021-22991 known to be exploited?

Yes. CVE-2021-22991 is listed in the CISA Known Exploited Vulnerabilities catalog (added 2022-01-18), indicating it is being actively exploited. 8 public proof-of-concept repositories are indexed.

Vulnerability in Big-ip

CVE-2021-22991

On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, and 12.1.x before 12.1.5.3, undisclosed requests to a virtual server may be incorrectly handled by the Traffic Management Micr…

EPSS: 0.731 (98.8th percentile) — read the EPSS interpretation.

Affected products

N/a Big-ip — versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, 12.1.x before 12.1.5.3

CISA KEV (Known Exploited Vulnerabilities)

This CVE is on the CISA KEV catalog, added on 2022-01-18. CISA KEV inclusion means CISA has confirmed in-the-wild exploitation; US federal agencies are required to remediate within a published due date.

BOD 22-01 due date: 2022-02-01.

Required action: Apply updates per vendor instructions.

Public proof-of-concept exploits

References

support.f5.com/csp/article/K56715231 (x_refsource_MISC)

Frequently asked questions

What is CVE-2021-22991?: CVE-2021-22991 is a vulnerability in Big-ip. Published 2021-03-31.
Is CVE-2021-22991 known to be exploited?: Yes. CVE-2021-22991 is listed in the CISA Known Exploited Vulnerabilities catalog (added 2022-01-18), indicating it is being actively exploited. 8 public proof-of-concept repositories are indexed.