{"vulnerability": "CVE-2021-22991", "sightings": [{"uuid": "c558d676-0702-4ee2-88cc-26b5b88d840e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22991", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "ee3c10c7-b8ed-4736-b338-87483722e9d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22991", "type": "seen", "source": "MISP/44f8fbab-88c1-41d9-bb3c-09e163703df0", "content": "", "creation_timestamp": "2024-11-14T06:07:58.000000Z"}, {"uuid": "c8d0df7a-2b4a-4f14-aceb-3e29df13d598", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22991", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971215", "content": "", "creation_timestamp": "2024-12-24T20:25:59.940386Z"}, {"uuid": "56bf209f-3907-433f-bc22-a1f682be1e3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22991", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:29.000000Z"}, {"uuid": "d8e1cbdf-199c-414a-8e75-5ab3dfe5490b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22991", "type": "seen", "source": "https://t.me/arpsyndicate/924", "content": "#ExploitObserverAlert\n\nCVE-2021-22991\n\nDESCRIPTION: Exploit Observer has 7 entries related to CVE-2021-22991. On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, and 12.1.x before 12.1.5.3, undisclosed requests to a virtual server may be incorrectly handled by the Traffic Management Microkernel (TMM) URI normalization, which may trigger a buffer overflow, resulting in a DoS attack. In certain situations, it may theoretically allow bypass of URL based access control or remote code execution (RCE). Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.\n\nFIRST-EPSS: 0.791400000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-03T11:46:55.000000Z"}, {"uuid": "ffb7647c-7c4b-473f-8f6c-1527aa2e25d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2021-22991", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_10/21", "content": "", "creation_timestamp": "2021-03-11T10:08:20.000000Z"}, {"uuid": "6bfd1f57-7a9d-46ed-8c0c-b697d5bf55df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2021-22991", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=561", "content": "", "creation_timestamp": "2021-03-12T04:00:00.000000Z"}, {"uuid": "7fbe83e0-e07f-436a-8254-cc3e3b60cbd7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2021-22991", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/42179449-d348-4b94-8237-1de61696fec6", "content": "", "creation_timestamp": "2026-02-02T12:28:27.914259Z"}, {"uuid": "dd72d729-4c4a-4036-a524-8fd879fab5db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22991", "type": "seen", "source": "Telegram/RvBtzQw5BxG2kEFTTGiJ_a7-uhs_IE1jJvStrl8ydy-XEGg3", "content": "", "creation_timestamp": "2025-01-30T02:17:48.000000Z"}, {"uuid": "d5259e4a-2fd5-4d41-b4b7-00bebaee1a97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22991", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/2881", "content": "Critical 1-day Vulnerabilities in F5 BIG-IP, BIG-IQ\n\n1. CVE-2021-22986:\nTraffic Management Microkernels (TMM) uri_normalize_host infoleak/out-of-bounds write\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2126\n2. CVE-2021-22992:\nASM stack-based buffer overflow in is_hdr_criteria_matches\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2132\n3. CVE-2021-22991:\nTMM uri_normalize_host infoleak/out-of-bounds write\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2126", "creation_timestamp": "2024-05-07T14:26:21.000000Z"}]}