{"id":12789,"date":"2021-03-24T09:25:06","date_gmt":"2021-03-24T09:25:06","guid":{"rendered":"https:\/\/nsfocusglobal.com\/?p=12789"},"modified":"2026-04-17T18:07:46","modified_gmt":"2026-04-17T18:07:46","slug":"f5-big-ip-big-iq-high-risk-vulnerabilities-threat-alert","status":"publish","type":"post","link":"https:\/\/nsfocusglobal.com\/pt-br\/f5-big-ip-big-iq-high-risk-vulnerabilities-threat-alert\/","title":{"rendered":"F5 BIG-IP\/BIG-IQ High-Risk Vulnerabilities Threat Alert"},"content":{"rendered":"<!DOCTYPE html PUBLIC \"-\/\/W3C\/\/DTD HTML 4.0 Transitional\/\/EN\" \"http:\/\/www.w3.org\/TR\/REC-html40\/loose.dtd\">\n<html><body><h2 class=\"wp-block-heading\">Vulnerability Description<\/h2>\n\n\n\n<p>On March 11, NSFOCUS observed that F5 released a security bulletin to announce the fix of multiple high-risk vulnerabilities, CVE-2021-22986, CVE-2021-22987, CVE-2021-22988, CVE-2021-22989, CVE-2021-22990, CVE-2021-22991, and CVE-2021-22992, which affect BIG-IP and BIG-IQ in F5.<\/p>\n\n\n\n<p>Users are advised to take preventive measures as soon as possible.<\/p>\n\n\n\n<p>BIG-IP is an F5 application delivery platform that integrates the functions of network traffic management, application security management, and load balancing. BIG-IQ is an intelligent framework for managing and orchestrating F5 security and application delivery solutions.<\/p>\n\n\n\n<p>Reference link:<\/p>\n\n\n\n<p><a href=\"https:\/\/support.f5.com\/csp\/article\/K02566623\">https:\/\/support.f5.com\/csp\/article\/K02566623<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Description of Major Vulnerabilities<\/h2>\n\n\n\n<p><strong>iControl REST Remote Command Execution Vulnerability (CVE-2021-22986)<\/strong><\/p>\n\n\n\n<p>An unauthenticated attacker with network access to the iControl REST interface, through the BIG-IP management interface and his or her IP addresses can execute arbitrary system commands, create or delete files, and disable services. The BIG-IP system in Appliance mode is also vulnerable. This vulnerability has a CVSS score of 9.8.<\/p>\n\n\n\n<p>For details of this vulnerability, visit the following link:<\/p>\n\n\n\n<p><a href=\"https:\/\/support.f5.com\/csp\/article\/K03009991\">https:\/\/support.f5.com\/csp\/article\/K03009991<\/a><\/p>\n\n\n\n<p><strong>TMUI Remote Command Execution Vulnerability (CVE-2021-22987)<\/strong><\/p>\n\n\n\n<p>In Appliance mode, an authenticated attacker can access TMUI through the BIG-IP management port or his or her IP addresses to complete system compromise and breakout of Appliance mode. This vulnerability can be exploited through the control plane. This vulnerability has a CVSS score of 9.9.<\/p>\n\n\n\n<p>For details of this vulnerability, visit the following link:<\/p>\n\n\n\n<p><a href=\"https:\/\/support.f5.com\/csp\/article\/K18132488\">https:\/\/support.f5.com\/csp\/article\/K18132488<\/a><\/p>\n\n\n\n<p><strong>TMUI Remote Command Execution Vulnerability (CVE-2021-22988)<\/strong><\/p>\n\n\n\n<p>An authenticated attacker can access TMUI through the BIG-IP management port or his or her IP addresses to create or delete files or disable services. This vulnerability can be exploited through the control plane.<\/p>\n\n\n\n<p>For details of this vulnerability, visit the following link:<\/p>\n\n\n\n<p><a href=\"https:\/\/support.f5.com\/csp\/article\/K70031188\">https:\/\/support.f5.com\/csp\/article\/K70031188<\/a><\/p>\n\n\n\n<p><strong>Appliance Mode Advanced WAF\/ASM TMUI Remote Command Execution Vulnerability (CVE-2021-22989)<\/strong><\/p>\n\n\n\n<p>When Advanced WAF or ASM is configured in Appliance mode, an attacker with a role of Administrator, Resource Administrator, or Application Security Administrator with access to TMUI through the BIG-IP management port or his or her own IP addresses can execute arbitrary system commands, create or delete files, or disable services.<\/p>\n\n\n\n<p>For details of this vulnerability, visit the following link:<\/p>\n\n\n\n<p><a href=\"https:\/\/support.f5.com\/csp\/article\/K56142644\">https:\/\/support.f5.com\/csp\/article\/K56142644<\/a><\/p>\n\n\n\n<p><strong>Advanced WAF\/ASM TMUI Remote Command Execution Vulnerability (CVE-2021-22990)<\/strong><\/p>\n\n\n\n<p>On a system configured with Advanced WAF or BIG-IP ASM, an attacker with the role of Administrator, Resource Administrator, or Application Security Administrator with network access to TMUI through the BIG-IP management port or his or her IP address, can execute arbitrary system commands, create or delete files, or disable services.<\/p>\n\n\n\n<p>For details of this vulnerability, visit the following link:<\/p>\n\n\n\n<p><a href=\"https:\/\/support.f5.com\/csp\/article\/K45056101\">https:\/\/support.f5.com\/csp\/article\/K45056101<\/a><\/p>\n\n\n\n<p><strong>TMM &Acirc;&nbsp;Buffer Overflow Vulnerability (CVE-2021-22991)<\/strong><\/p>\n\n\n\n<p>Undisclosed requests to a virtual server may be incorrectly handled by Traffic Management Microkernel (TMM) URI normalization. This may trigger a buffer overflow, resulting in a DoS attack. Attackers could exploit this vulnerability through the control plane to allow bypass of URL-based access control or implement remote code execution (RCE) in certain situations. This vulnerability has a CVSS score of 9.0.<\/p>\n\n\n\n<p>For details of this vulnerability, visit the following link:<\/p>\n\n\n\n<p><a href=\"https:\/\/support.f5.com\/csp\/article\/K56715231\">https:\/\/support.f5.com\/csp\/article\/K56715231<\/a><\/p>\n\n\n\n<p><strong>Advanced WAF\/ASM &Acirc;&nbsp;Buffer Overflow Vulnerability (CVE-2021-22992)<\/strong><\/p>\n\n\n\n<p>A malicious HTTP response to an Advanced WAF\/BIG-IP ASM virtual server with Login Page configured in its policy may trigger a buffer overflow, resulting in a denial of service (DoS) attack. Attackers could exploit this vulnerability through the data plane and cause remote code execution in certain situations. This vulnerability has a CVSS score of 9.0.<\/p>\n\n\n\n<p>For details of this vulnerability, visit the following link:<\/p>\n\n\n\n<p><a href=\"https:\/\/support.f5.com\/csp\/article\/K52510511\">https:\/\/support.f5.com\/csp\/article\/K52510511<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Scope of Impact<\/h2>\n\n\n\n<p><strong>CVE-2021-22986:<\/strong><\/p>\n\n\n\n<p><strong>Affected Versions<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>BIG-IP: 16.0.0-16.0.1<\/li><li>BIG-IP: 15.1.0-15.1.2<\/li><li>BIG-IP: 14.1.0-14.1.3.1<\/li><li>BIG-IP: 13.1.0-13.1.3.5<\/li><li>BIG-IP: 12.1.0-12.1.5.2<\/li><\/ul>\n\n\n\n<ul class=\"wp-block-list\"><li>BIG-IQ: 7.1.0-7.1.0.2<\/li><li>BIG-IQ: 7.0.0-7.0.0.1<\/li><li>BIG-IQ: 6.0.0-6.1.0<\/li><\/ul>\n\n\n\n<p><strong>Unaffected Versions<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>BIG-IP: 16.0.1.1<\/li><li>BIG-IP: 15.1.2.1<\/li><li>BIG-IP: 14.1.4<\/li><li>BIG-IP: 13.1.3.6<\/li><li>BIG-IP: 12.1.5.3<\/li><\/ul>\n\n\n\n<ul class=\"wp-block-list\"><li>BIG-IQ: 8.0.0<\/li><li>BIG-IQ: 7.1.0.3<\/li><li>BIG-IQ: 7.0.0.2<\/li><\/ul>\n\n\n\n<p><strong>CVE-2021-22987\/CVE-2021-22988\/CVE-2021-22989\/CVE-2021-22990\/CVE-2021-22992<\/strong><\/p>\n\n\n\n<p><strong>Affected Versions<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>BIG-IP: 16.0.0-16.0.1<\/li><li>BIG-IP: 15.1.0-15.1.2<\/li><li>BIG-IP: 14.1.0-14.1.3.1<\/li><li>BIG-IP: 13.1.0-13.1.3.5<\/li><li>BIG-IP: 12.1.0-12.1.5.2<\/li><li>BIG-IP: 11.6.1-11.6.5.2<\/li><\/ul>\n\n\n\n<p><strong>Unaffected Versions<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>BIG-IP: 16.0.1.1<\/li><li>BIG-IP: 15.1.2.1<\/li><li>BIG-IP: 14.1.4<\/li><li>BIG-IP: 13.1.3.6<\/li><li>BIG-IP: 12.1.5.3<\/li><li>BIG-IP: 11.6.5.3<\/li><\/ul>\n\n\n\n<p><strong>CVE-2021-22991<\/strong><\/p>\n\n\n\n<p><strong>Affected Versions<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>BIG-IP: 16.0.0-16.0.1<\/li><li>BIG-IP: 15.1.0-15.1.2<\/li><li>BIG-IP: 14.1.0-14.1.3.1<\/li><li>BIG-IP: 13.1.0-13.1.3.5<\/li><li>BIG-IP: 12.1.0-12.1.5.2<\/li><\/ul>\n\n\n\n<p><strong>Unaffected Versions<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>BIG-IP: 16.0.1.1<\/li><li>BIG-IP: 15.1.2.1<\/li><li>BIG-IP: 14.1.4<\/li><li>BIG-IP: 13.1.3.6<\/li><li>BIG-IP: 12.1.5.3<\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Check for the Vulnerability<\/h2>\n\n\n\n<p><strong>Version Check<\/strong><\/p>\n\n\n\n<p>1. Run the following command in TMOS shell (tmsh) to check the current version:<\/p>\n\n\n\n<figure class=\"wp-block-image size-large is-resized\"><img decoding=\"async\" src=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2021\/03\/1-2.jpg\" alt=\"Red circular no entry sign with a white horizontal bar.\" class=\"wp-image-12791\" width=\"487\" height=\"28\" srcset=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2021\/03\/1-2.jpg 976w, https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2021\/03\/1-2-300x18.jpg 300w, https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2021\/03\/1-2-768x46.jpg 768w\" sizes=\"(max-width: 487px) 100vw, 487px\" \/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large is-resized\"><img fetchpriority=\"high\" decoding=\"async\" src=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2021\/03\/2-1.jpg\" alt=\"Red circular no entry sign with a white horizontal bar.\" class=\"wp-image-12792\" width=\"494\" height=\"134\" srcset=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2021\/03\/2-1.jpg 567w, https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2021\/03\/2-1-300x81.jpg 300w\" sizes=\"(max-width: 494px) 100vw, 494px\" \/><\/figure>\n\n\n\n<p>2. Alternatively, log in to the web-based manager to check the current BIG-IP version:<\/p>\n\n\n\n<p>If it is within the scope of impact, the version is vulnerable.<\/p>\n\n\n\n<figure class=\"wp-block-image size-medium is-resized\"><img decoding=\"async\" src=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2021\/03\/3-1-300x110.jpg\" alt=\"Red circular no entry sign with a white horizontal bar.\" class=\"wp-image-12793\" width=\"513\" height=\"188\" srcset=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2021\/03\/3-1-300x110.jpg 300w, https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2021\/03\/3-1-768x281.jpg 768w, https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2021\/03\/3-1.jpg 955w\" sizes=\"(max-width: 513px) 100vw, 513px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">Mitigation<\/h2>\n\n\n\n<p><strong>Official Fix<\/strong><\/p>\n\n\n\n<p>Currently, these vulnerabilities have been fixed in the latest version. If you are affected by this vulnerability, please upgrade your installation as soon as possible. For the links to the downloadable new releases, see the following:<\/p>\n\n\n\n<p>BIG-IP: <a href=\"https:\/\/support.f5.com\/csp\/article\/K9502\">https:\/\/support.f5.com\/csp\/article\/K9502 <\/a><\/p>\n\n\n\n<p>BIG-IQ: <a href=\"https:\/\/support.f5.com\/csp\/article\/K15113\">https:\/\/support.f5.com\/csp\/article\/K15113<\/a><\/p>\n\n\n\n<p>For the upgrade guide and notes, please refer to the following links:<\/p>\n\n\n\n<p>BIG-IP: <a href=\"https:\/\/support.f5.com\/csp\/article\/K13123\">https:\/\/support.f5.com\/csp\/article\/K13123 <\/a><\/p>\n\n\n\n<p>BIG-IQ: <a href=\"https:\/\/support.f5.com\/csp\/article\/K15106\">https:\/\/support.f5.com\/csp\/article\/K15106<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Workaround<\/h2>\n\n\n\n<p>If it is impossible to upgrade currently, users can take the following mitigation measures:<\/p>\n\n\n\n<p><strong>CVE-2021-22986:<\/strong><\/p>\n\n\n\n<p>Block access to iControl REST from self IP addresses: Set the Port Lockdown option of each IP address to Allow None. If you must open any ports, you should enable the Allow Custom option. By default, iContro l REST listens on port 443.<\/p>\n\n\n\n<p>Block access to iControl REST through the management interface: restrict management access only to trusted users and devices.<\/p>\n\n\n\n<p><strong>CVE-2021-22987\/CVE-2021-22988\/CVE-2021-22989\/CVE-2021-22989:<\/strong><\/p>\n\n\n\n<p>Block access to Configuration utility from self IP addresses: Set the Port Lockdown option of each IP address on the system to Allow None. If you must open any ports, you should enable the Allow Custom option. By default, utilities are configured to listen on port 443.<\/p>\n\n\n\n<p>Block access to Configuration utility through the management interface: restrict management access only to trusted users and F5 devices.<\/p>\n\n\n\n<p><strong>CVE-2021-22992:<\/strong><\/p>\n\n\n\n<p><strong>Use iRule to mitigate malicious connections:<\/strong><\/p>\n\n\n\n<ol class=\"wp-block-list\"><li>Log in to the Configuration utility.<\/li><li>Choose <strong>Local Traffic &gt; iRules &gt; iRule List<\/strong>.<\/li><li>Select <strong>Create<\/strong>.<\/li><li>Type the name of iRule.<\/li><li>Add the following iRule code in the Definition.<\/li><\/ol>\n\n\n\n<figure class=\"wp-block-image size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2021\/03\/4-1.jpg\" alt=\"Red circular no entry sign with a white horizontal bar.\" class=\"wp-image-12796\" width=\"379\" height=\"382\" srcset=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2021\/03\/4-1.jpg 758w, https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2021\/03\/4-1-298x300.jpg 298w, https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2021\/03\/4-1-150x150.jpg 150w\" sizes=\"(max-width: 379px) 100vw, 379px\" \/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2021\/03\/5-1.png\" alt=\"Red circular no entry sign with a white horizontal bar.\" class=\"wp-image-12797\" width=\"375\" height=\"261\" srcset=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2021\/03\/5-1.png 577w, https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2021\/03\/5-1-300x208.png 300w\" sizes=\"(max-width: 375px) 100vw, 375px\" \/><\/figure>\n\n\n\n<ol class=\"wp-block-list\" start=\"6\"><li>Select <strong>Finished<\/strong>.<\/li><li>Correlate iRule with the vulnerable virtual servers.<\/li><\/ol>\n\n\n\n<p><strong>Modify configurations on the login interface:<\/strong><\/p>\n\n\n\n<ol class=\"wp-block-list\" type=\"1\"><li>Log in to the Configuration utility of the affected Advanced WAF\/ASM system.<\/li><li>Choose <strong>Security &gt; Application Security &gt; Sessions and Logins &gt; Login Pages List<\/strong>.<\/li><li>Select a security policy from the current edited policy list.<\/li><li>Remove all configuration from both the settings.<\/li><li>Select <strong>Save<\/strong> to save the changes.<\/li><li>Select <strong>Apply Policy<\/strong> to apply the changes.<\/li><li>Select <strong>OK<\/strong> to confirm the operation.<strong><\/strong><\/li><\/ol>\n\n\n\n<p>&nbsp; <strong>&nbsp;<\/strong><strong>Remove login pages:<\/strong><\/p>\n\n\n\n<ol class=\"wp-block-list\" type=\"1\"><li>Log in to the Configuration utility of the affected Advanced WAF\/ASM system.<\/li><li>Choose<strong> Security &gt; Application Security &gt; Sessions and Logins &gt; Login Pages List<\/strong>.<\/li><li>Select security policies from the current edited policy list.<\/li><li>Select the login page configuration you want to remove.<\/li><li>Select <strong>Delete<\/strong>.<\/li><li>Select <strong>OK<\/strong> to confirm the deletion.<\/li><li>Select <strong>Apply Policy<\/strong> to apply the changes.<\/li><li>Select <strong>OK<\/strong> to confirm the operation.<\/li><\/ol>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Statement<\/strong><\/h2>\n\n\n\n<p>This advisory is only used to describe a potential risk. NSFOCUS does not provide any commitment or promise on this advisory. NSFOCUS and the author will not bear any liability for any direct and\/or indirect consequences and losses caused by transmitting and\/or using this advisory. NSFOCUS reserves all the rights to modify and interpret this advisory. Please include this statement paragraph when reproducing or transferring this advisory. Do not modify this advisory, add\/delete any information to\/from it, or use this advisory for commercial purposes without permission from NSFOCUS.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>About NSFOCUS<\/strong><\/h2>\n\n\n\n<p>NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyberattacks. The company&#8217;s Intelligent Hybrid Security strategy utilizes both cloud and on-premises security platforms, built on a foundation of real-time global threat intelligence, to provide multi-layered, unified and dynamic protection against advanced cyber attacks.<\/p>\n\n\n\n<p>NSFOCUS works with Fortune Global 500 companies, including four of the world&#8217;s five largest financial institutions, organizations in insurance, retail, healthcare, critical infrastructure industries as well as government agencies. NSFOCUS has technology and channel partners in more than 60 countries, is a member of both the Microsoft Active Protections Program (MAPP), and the Cloud Security Alliance (CSA).<\/p>\n\n\n\n<p>A wholly owned subsidiary of NSFOCUS Technologies Group Co., Ltd., the company has operations in the Americas, Europe, the Middle East and Asia Pacific.<\/p>\n<\/body><\/html>\n","protected":false},"excerpt":{"rendered":"<p>Vulnerability Description On March 11, NSFOCUS observed that F5 released a security bulletin to announce the fix of multiple high-risk vulnerabilities, CVE-2021-22986, CVE-2021-22987, CVE-2021-22988, CVE-2021-22989, CVE-2021-22990, CVE-2021-22991, and CVE-2021-22992, which affect BIG-IP and BIG-IQ in F5. Users are advised to take preventive measures as soon as possible. BIG-IP is an F5 application delivery platform that [&hellip;]<\/p>\n","protected":false},"author":6,"featured_media":11427,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_coblocks_attr":"","_coblocks_dimensions":"","_coblocks_responsive_height":"","_coblocks_accordion_ie_support":"","footnotes":""},"categories":[6],"tags":[403],"class_list":["post-12789","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-emergency-response","tag-f5"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>F5 BIG-IP\/BIG-IQ High-Risk Vulnerabilities Threat Alert - NSFOCUS<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/nsfocusglobal.com\/f5-big-ip-big-iq-high-risk-vulnerabilities-threat-alert\/\" \/>\n<meta property=\"og:locale\" content=\"pt_BR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"F5 BIG-IP\/BIG-IQ High-Risk Vulnerabilities Threat Alert - NSFOCUS\" \/>\n<meta property=\"og:description\" content=\"Vulnerability Description On March 11, NSFOCUS observed that F5 released a security bulletin to announce the fix of multiple high-risk vulnerabilities,\" \/>\n<meta property=\"og:url\" content=\"https:\/\/nsfocusglobal.com\/f5-big-ip-big-iq-high-risk-vulnerabilities-threat-alert\/\" \/>\n<meta property=\"og:site_name\" content=\"NSFOCUS\" \/>\n<meta property=\"article:published_time\" content=\"2021-03-24T09:25:06+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-04-17T18:07:46+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/09\/0915-1.jpg\" \/>\n<meta name=\"author\" content=\"Jie Ji\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:title\" content=\"F5 BIG-IP\/BIG-IQ High-Risk Vulnerabilities Threat Alert - NSFOCUS\" \/>\n<meta name=\"twitter:description\" content=\"Vulnerability Description On March 11, NSFOCUS observed that F5 released a security bulletin to announce the fix of multiple high-risk vulnerabilities,\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/09\/0915-1.jpg\" \/>\n<meta name=\"twitter:label1\" content=\"Escrito por\" \/>\n\t<meta name=\"twitter:data1\" content=\"Jie Ji\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. tempo de leitura\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutos\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/f5-big-ip-big-iq-high-risk-vulnerabilities-threat-alert\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/f5-big-ip-big-iq-high-risk-vulnerabilities-threat-alert\\\/\"},\"author\":{\"name\":\"Jie Ji\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#\\\/schema\\\/person\\\/1077d8fcd7e52c96f17a33b63a0d157b\"},\"headline\":\"F5 BIG-IP\\\/BIG-IQ High-Risk Vulnerabilities Threat Alert\",\"datePublished\":\"2021-03-24T09:25:06+00:00\",\"dateModified\":\"2026-04-17T18:07:46+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/f5-big-ip-big-iq-high-risk-vulnerabilities-threat-alert\\\/\"},\"wordCount\":1402,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/f5-big-ip-big-iq-high-risk-vulnerabilities-threat-alert\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2020\\\/09\\\/0915-1.jpg\",\"keywords\":[\"F5\"],\"articleSection\":[\"Emergency Response\"],\"inLanguage\":\"pt-BR\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/nsfocusglobal.com\\\/f5-big-ip-big-iq-high-risk-vulnerabilities-threat-alert\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/f5-big-ip-big-iq-high-risk-vulnerabilities-threat-alert\\\/\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/f5-big-ip-big-iq-high-risk-vulnerabilities-threat-alert\\\/\",\"name\":\"F5 BIG-IP\\\/BIG-IQ High-Risk Vulnerabilities Threat Alert - NSFOCUS\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/f5-big-ip-big-iq-high-risk-vulnerabilities-threat-alert\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/f5-big-ip-big-iq-high-risk-vulnerabilities-threat-alert\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2020\\\/09\\\/0915-1.jpg\",\"datePublished\":\"2021-03-24T09:25:06+00:00\",\"dateModified\":\"2026-04-17T18:07:46+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/f5-big-ip-big-iq-high-risk-vulnerabilities-threat-alert\\\/#breadcrumb\"},\"inLanguage\":\"pt-BR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/nsfocusglobal.com\\\/f5-big-ip-big-iq-high-risk-vulnerabilities-threat-alert\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/f5-big-ip-big-iq-high-risk-vulnerabilities-threat-alert\\\/#primaryimage\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2020\\\/09\\\/0915-1.jpg\",\"contentUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2020\\\/09\\\/0915-1.jpg\",\"width\":468,\"height\":200,\"caption\":\"Earth horizon with digital code overlay.\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/f5-big-ip-big-iq-high-risk-vulnerabilities-threat-alert\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/nsfocusglobal.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"F5 BIG-IP\\\/BIG-IQ High-Risk Vulnerabilities Threat Alert\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#website\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/\",\"name\":\"NSFOCUS\",\"description\":\"Security Made Smart and Simple\",\"publisher\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/nsfocusglobal.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"pt-BR\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#organization\",\"name\":\"NSFOCUS\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2024\\\/08\\\/logo-ns.png\",\"contentUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2024\\\/08\\\/logo-ns.png\",\"width\":248,\"height\":36,\"caption\":\"NSFOCUS\"},\"image\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/#\\\/schema\\\/person\\\/1077d8fcd7e52c96f17a33b63a0d157b\",\"name\":\"Jie Ji\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/61cb438513c138ce3f1f49e3485f113a0215220de5e284a2bd4e85358f6c8d02?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/61cb438513c138ce3f1f49e3485f113a0215220de5e284a2bd4e85358f6c8d02?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/61cb438513c138ce3f1f49e3485f113a0215220de5e284a2bd4e85358f6c8d02?s=96&d=mm&r=g\",\"caption\":\"Jie Ji\"},\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/author\\\/jji\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"F5 BIG-IP\/BIG-IQ High-Risk Vulnerabilities Threat Alert - NSFOCUS","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/nsfocusglobal.com\/f5-big-ip-big-iq-high-risk-vulnerabilities-threat-alert\/","og_locale":"pt_BR","og_type":"article","og_title":"F5 BIG-IP\/BIG-IQ High-Risk Vulnerabilities Threat Alert - NSFOCUS","og_description":"Vulnerability Description On March 11, NSFOCUS observed that F5 released a security bulletin to announce the fix of multiple high-risk vulnerabilities,","og_url":"https:\/\/nsfocusglobal.com\/f5-big-ip-big-iq-high-risk-vulnerabilities-threat-alert\/","og_site_name":"NSFOCUS","article_published_time":"2021-03-24T09:25:06+00:00","article_modified_time":"2026-04-17T18:07:46+00:00","og_image":[{"url":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/09\/0915-1.jpg","type":"","width":"","height":""}],"author":"Jie Ji","twitter_card":"summary_large_image","twitter_title":"F5 BIG-IP\/BIG-IQ High-Risk Vulnerabilities Threat Alert - NSFOCUS","twitter_description":"Vulnerability Description On March 11, NSFOCUS observed that F5 released a security bulletin to announce the fix of multiple high-risk vulnerabilities,","twitter_image":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/09\/0915-1.jpg","twitter_misc":{"Escrito por":"Jie Ji","Est. tempo de leitura":"7 minutos"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/nsfocusglobal.com\/f5-big-ip-big-iq-high-risk-vulnerabilities-threat-alert\/#article","isPartOf":{"@id":"https:\/\/nsfocusglobal.com\/f5-big-ip-big-iq-high-risk-vulnerabilities-threat-alert\/"},"author":{"name":"Jie Ji","@id":"https:\/\/nsfocusglobal.com\/#\/schema\/person\/1077d8fcd7e52c96f17a33b63a0d157b"},"headline":"F5 BIG-IP\/BIG-IQ High-Risk Vulnerabilities Threat Alert","datePublished":"2021-03-24T09:25:06+00:00","dateModified":"2026-04-17T18:07:46+00:00","mainEntityOfPage":{"@id":"https:\/\/nsfocusglobal.com\/f5-big-ip-big-iq-high-risk-vulnerabilities-threat-alert\/"},"wordCount":1402,"commentCount":0,"publisher":{"@id":"https:\/\/nsfocusglobal.com\/#organization"},"image":{"@id":"https:\/\/nsfocusglobal.com\/f5-big-ip-big-iq-high-risk-vulnerabilities-threat-alert\/#primaryimage"},"thumbnailUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/09\/0915-1.jpg","keywords":["F5"],"articleSection":["Emergency Response"],"inLanguage":"pt-BR","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/nsfocusglobal.com\/f5-big-ip-big-iq-high-risk-vulnerabilities-threat-alert\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/nsfocusglobal.com\/f5-big-ip-big-iq-high-risk-vulnerabilities-threat-alert\/","url":"https:\/\/nsfocusglobal.com\/f5-big-ip-big-iq-high-risk-vulnerabilities-threat-alert\/","name":"F5 BIG-IP\/BIG-IQ High-Risk Vulnerabilities Threat Alert - NSFOCUS","isPartOf":{"@id":"https:\/\/nsfocusglobal.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/nsfocusglobal.com\/f5-big-ip-big-iq-high-risk-vulnerabilities-threat-alert\/#primaryimage"},"image":{"@id":"https:\/\/nsfocusglobal.com\/f5-big-ip-big-iq-high-risk-vulnerabilities-threat-alert\/#primaryimage"},"thumbnailUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/09\/0915-1.jpg","datePublished":"2021-03-24T09:25:06+00:00","dateModified":"2026-04-17T18:07:46+00:00","breadcrumb":{"@id":"https:\/\/nsfocusglobal.com\/f5-big-ip-big-iq-high-risk-vulnerabilities-threat-alert\/#breadcrumb"},"inLanguage":"pt-BR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/nsfocusglobal.com\/f5-big-ip-big-iq-high-risk-vulnerabilities-threat-alert\/"]}]},{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/nsfocusglobal.com\/f5-big-ip-big-iq-high-risk-vulnerabilities-threat-alert\/#primaryimage","url":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/09\/0915-1.jpg","contentUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/09\/0915-1.jpg","width":468,"height":200,"caption":"Earth horizon with digital code overlay."},{"@type":"BreadcrumbList","@id":"https:\/\/nsfocusglobal.com\/f5-big-ip-big-iq-high-risk-vulnerabilities-threat-alert\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/nsfocusglobal.com\/"},{"@type":"ListItem","position":2,"name":"F5 BIG-IP\/BIG-IQ High-Risk Vulnerabilities Threat Alert"}]},{"@type":"WebSite","@id":"https:\/\/nsfocusglobal.com\/#website","url":"https:\/\/nsfocusglobal.com\/","name":"NSFOCUS","description":"Security Made Smart and Simple","publisher":{"@id":"https:\/\/nsfocusglobal.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/nsfocusglobal.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"pt-BR"},{"@type":"Organization","@id":"https:\/\/nsfocusglobal.com\/#organization","name":"NSFOCUS","url":"https:\/\/nsfocusglobal.com\/","logo":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/nsfocusglobal.com\/#\/schema\/logo\/image\/","url":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2024\/08\/logo-ns.png","contentUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2024\/08\/logo-ns.png","width":248,"height":36,"caption":"NSFOCUS"},"image":{"@id":"https:\/\/nsfocusglobal.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/nsfocusglobal.com\/#\/schema\/person\/1077d8fcd7e52c96f17a33b63a0d157b","name":"Jie Ji","image":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/secure.gravatar.com\/avatar\/61cb438513c138ce3f1f49e3485f113a0215220de5e284a2bd4e85358f6c8d02?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/61cb438513c138ce3f1f49e3485f113a0215220de5e284a2bd4e85358f6c8d02?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/61cb438513c138ce3f1f49e3485f113a0215220de5e284a2bd4e85358f6c8d02?s=96&d=mm&r=g","caption":"Jie Ji"},"url":"https:\/\/nsfocusglobal.com\/pt-br\/author\/jji\/"}]}},"_links":{"self":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts\/12789","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/comments?post=12789"}],"version-history":[{"count":0,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts\/12789\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/media\/11427"}],"wp:attachment":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/media?parent=12789"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/categories?post=12789"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/tags?post=12789"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}