BugZero | F5 BugID 1032405 - TMUI XSS vulnerability CVE-2021-23037

OPERATIONAL DEFECT DATABASE

...

BugZero | F5 BugID 1032405 - TMUI XSS vulnerability CVE-2021-23037

F5 - Defect ID: 1032405

TMUI XSS vulnerability CVE-2021-23037

F5 - Defect ID: 1032405

TMUI XSS vulnerability CVE-2021-23037

Last updated on August 13th, 2025

BugZero Risk Score
9.4 High

Overall: 9.4

Severity: 10.0

Community: 4.2

Lifecycle: 8.3

What is the BugZero Risk Score?

F5 Integration

Learn more about where this data comes from

F5 Integration

Learn more

Bug Scrub Advisor

Streamline upgrades with automated vendor bug scrubs

Bug Scrub Advisor

Learn more

BugZero Enterprise

Wish you caught this bug sooner? Get proactive today.

BugZero Enterprise

Learn more

Bug Details

Priority: 1-Blocking
Status: Verified
Impact Category: TMOS

Description

Bug Tracker ... ID 1032405 ... Bug ID 1032405: TMUI XSS vulnerability CVE-2021-23037 ... Last Modified: Aug 13, 2025 ... Affected Product(s): See more info ... BIG-IP LTM(all modules) ... Opened: Jul 08, 2021 ... Vulnerability Severity: High ... CVE: CVE-2021-23037 ... Related Article: K21435974

Change history

2025-08-12 Added: 15.1.2, 15.1.2.1, 15.1.3, 15.1.3.1, 15.1.4

Top F5 Defects

9.4Defect ID: 1474081
Central Manager upgrade fails, leaving VM in maintenance mode
9.3Defect ID: 1926489
L2 Port motion events are not generated for certain port combinations on r10k.
9.3Defect ID: 970269
Install fails as lind keeps failing due to "Fatal error: block id new probe failed - device file:/dev/cdrom"
9.3Defect ID: 1785385
Intermittent traffic failures when tenant is running BIG-IP v17.1.2 or above and host is on version prior to F5OS-A 1.8.0 or F5OS-C 1.8.0
9.1Defect ID: 1289981
Tenants on r2000 and r4000 systems will not pass traffic through VLAN groups, or if ltm global-settings general share-single-mac changed from "vmw-compat"

F5 Integration

Learn more about where this data comes from

F5 Integration

Learn more

Bug Scrub Advisor

Streamline upgrades with automated vendor bug scrubs

Bug Scrub Advisor

Learn more

BugZero Enterprise

Wish you caught this bug sooner? Get proactive today.

BugZero Enterprise

Learn more

Ready to prevent the next vendor outage?

Get a demo

OPERATIONAL DEFECT DATABASE

F5 - Defect ID: 1032405

TMUI XSS vulnerability CVE-2021-23037

F5 - Defect ID: 1032405

TMUI XSS vulnerability CVE-2021-23037

Last updated on August 13th, 2025

BugZero Risk Score9.4 High

Bug Details

Links

Top F5 Defects

Ready to prevent the next vendor outage?

BugZero Risk Score
9.4 High