CVE-2021-22991CISA KEVEPSS p99.0%

CVE-2021-22991F5 BIG-IP Traffic Management Microkernel Buffer Overflow

F5 / BIG-IP Traffic Management Microkernel

Description

The Traffic Management Microkernel of BIG-IP ASM Risk Engine has a buffer overflow vulnerability, leading to a bypassing of URL-based access controls.

Scoring

EPSS61.06% probability of exploitation · percentile 99.0% · 2026-06-18T12:00:27Z

CISA KEV entry

Added to KEV: 2022-01-18

(incoming)1

TypeTargetConfidenceTier
KEVEntryF5 BIG-IP Traffic Management Microkernel Buffer Overflowkev-cve-2021-229910%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
F5 BIG-IP Stack-Based Buffer Overflow Vulnerability
CVE
F5 BIG-IP Traffic Management User Interface (TMUI) Remote Code Execution Vulnerability
CVE
F5 BIG-IP and BIG-IQ Centralized Management iControl REST Remote Code Execution Vulnerability
CVE
F5 BIG-IP Missing Authentication Vulnerability
CVE
Fortinet FortiOS and FortiProxy SSL-VPN Heap-Based Buffer Overflow Vulnerability
CVE
SonicWall SonicOS Buffer Overflow Vulnerability
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.