F5 BIG-IP APM vulnerabilities
520 known vulnerabilities affecting f5/big-ip_apm.
Total CVEs: 520
CISA KEV: 7 (actively exploited)
Public exploits: 8
Exploited in wild: 6
Severity breakdown: CRITICAL 26 | HIGH 288 | MEDIUM 198 | LOW 8
Vulnerabilities
Page 2 of 26
CVE-2025-59269 | MEDIUM | CVSS 6.1 | 2025-10-15 | CWE-79 | tagged [HIGH] | f5
A stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged
CVE-2025-59268 | MEDIUM | CVSS 5.3 | 2025-10-15 | CWE-201 | f5
On the BIG-IP system, undisclosed endpoints that contain static non-sensitive information are accessible to an unauthenticated remote attacker through the Configuration utility. Note: Software
CVE-2025-58153 | MEDIUM | CVSS 5.9 | 2025-10-15 | CWE-667 | tagged [HIGH] | f5
Under undisclosed traffic conditions along with conditions beyond the attacker's control, hardware systems with a High-Speed Bridge (HSB) may experience a lockup of the HSB. Note: Software versi
CVE-2025-47148 | MEDIUM | CVSS 6.5 | 2025-10-15 | CWE-404 | tagged [HIGH] | f5
When the BIG-IP system is configured as both a Security Assertion Markup Language (SAML) service provider (SP) and Identity Provider (IdP), with single logout (SLO) enabled on an access policy, u
CVE-2025-59483 | MEDIUM | CVSS 6.5 | 2025-10-15 | CWE-73 | tagged [HIGH] | f5
A validation vulnerability exists in an undisclosed URL in the Configuration utility. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Affected Products: BIG-IP AAM, BIG-IP AFM, BIG-IP APM, BIG-IP ASM, BIG-IP AVR, BIG-IP A
CVE-2025-58424 | MEDIUM | CVSS 5.3 | 2025-10-15 | CWE-340 | f5
On BIG-IP systems, undisclosed traffic can cause data corruption and unauthorized data modification in protocols which do not have message integrity protection. Note: Software versions which ha
CVE-2025-52585 | HIGH | CVSS 7.5 | 2025-08-13 | CWE-476 | f5
When a BIG-IP LTM Client SSL profile is configured on a virtual server with SSL Forward Proxy enabled and Anonymous Diffie-Hellman (ADH) ciphers enabled, undisclosed requests can cause the Traffi
CVE-2025-46405 | HIGH | CVSS 7.5 | 2025-08-13 | CWE-121 | f5
When Network Access is configured on a BIG-IP APM virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reach
CVE-2025-48500 | HIGH | CVSS 7.3 | 2025-08-13 | CWE-353 | f5
A missing file integrity check vulnerability exists on macOS F5 VPN browser client installer that may allow a local, authenticated attacker with access to the local file system to replace it with
CVE-2025-54500 | MEDIUM | CVSS 5.3 | 2025-08-13 | CWE-770 | f5
An HTTP/2 implementation flaw allows a denial-of-service (DoS) that uses malformed HTTP/2 control frames in order to break the max concurrent streams limit (HTTP/2 MadeYouReset Attack). Note:
CVE-2025-36504 | HIGH | CVSS 7.5 | 2025-05-07 | CWE-770 | f5
When a BIG-IP HTTP/2 httprouter profile is configured on a virtual server, undisclosed responses can cause an increase in memory resource utilization. Note: Software versions which have reached E
CVE-2025-36557 | HIGH | CVSS 7.5 | 2025-05-07 | CWE-120 | f5
When an HTTP profile with the Enforce RFC Compliance option is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software
CVE-2025-31644 | HIGH | CVSS 8.7 | 2025-05-07 | CWE-77 | f5
When running in Appliance mode, a command injection vulnerability exists in an undisclosed iControl REST and BIG-IP TMOS Shell (tmsh) command which may allow an authenticated attacker with adminis
CVE-2025-41433 | HIGH | CVSS 7.5 | 2025-05-07 | CWE-476 | f5
When a Session Initiation Protocol (SIP) message routing framework (MRF) application layer gateway (ALG) profile is configured on a Message Routing virtual server, undisclosed requests can cause
CVE-2025-41431 | HIGH | CVSS 7.5 | 2025-05-07 | CWE-787 | f5
When connection mirroring is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate in the standby BIG-IP systems in a traffic group.
CVE-2025-41399 | HIGH | CVSS 7.5 | 2025-05-07 | CWE-404 | f5
When a Stream Control Transmission Protocol (SCTP) profile is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions wh
CVE-2025-41414 | HIGH | CVSS 7.5 | 2025-05-07 | CWE-476 | f5
When HTTP/2 client and server profile is configured on a virtual server, undisclosed requests can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (
CVE-2025-36525 | HIGH | CVSS 7.5 | 2025-05-07 | CWE-120 | f5
When a BIG-IP APM virtual server is configured to use a PingAccess profile, undisclosed requests can cause TMM to terminate. Note: Software versions which have reached End of Technical Support
CVE-2025-23239 | HIGH | CVSS 8.7 | 2025-02-05 | CWE-77 | f5
When running in Appliance mode, and logged into a highly-privileged role, an authenticated remote command injection vulnerability exists in an undisclosed iControl REST endpoint. A successful expl
CVE-2025-20058 | HIGH | CVSS 7.5 | 2025-02-05 | CWE-400 | f5
When a BIG-IP message routing profile is configured on a virtual server, undisclosed traffic can cause an increase in memory resource utilization. Note: Software versions which have reached End o