cbcvebase.

F5 Big-Ip Next Cnf vulnerabilities

25 known vulnerabilities affecting f5/big-ip_next_cnf.

Total CVEs
25
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH22MEDIUM3

Vulnerabilities

Page 2 of 2
CVE-2025-24312HIGHCVSS 8.7≥ 1.1.0, < 1.4.02025-02-05
CVE-2025-24312 [HIGH] CWE-770 CVE-2025-24312: When BIG-IP AFM is provisioned with IPS module enabled and protocol inspection profile is configured When BIG-IP AFM is provisioned with IPS module enabled and protocol inspection profile is configured on a virtual server or firewall rule or policy, undisclosed traffic can cause an increase in CPU resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
nvdf5
CVE-2024-41164HIGHCVSS 8.2≥ 1.1.0, < 1.2.02024-08-14
CVE-2024-41164 [HIGH] CWE-476 CVE-2024-41164: When TCP profile with Multipath TCP enabled (MPTCP) is configured on a Virtual Server, undisclosed t When TCP profile with Multipath TCP enabled (MPTCP) is configured on a Virtual Server, undisclosed traffic along with conditions beyond the attackers control can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
nvdf5
CVE-2024-25560HIGHCVSS 7.5≥ 1.1.0, < 1.2.02024-05-08
CVE-2024-25560 [HIGH] CWE-476 CVE-2024-25560: When BIG-IP AFM is licensed and provisioned, undisclosed DNS traffic can cause the Traffic Manageme When BIG-IP AFM is licensed and provisioned, undisclosed DNS traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
nvdf5
CVE-2024-28132MEDIUMCVSS 4.4≥ 1.2.0, < 1.3.02024-05-08
CVE-2024-28132 [MEDIUM] CWE-922 CVE-2024-28132: Exposure of Sensitive Information vulnerability exists in the GSLB container, which may allow an au Exposure of Sensitive Information vulnerability exists in the GSLB container, which may allow an authenticated attacker with local access to view sensitive information. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
nvdf5
CVE-2024-23306HIGHCVSS 7.1≥ 1.0.0, < 1.2.02024-02-14
CVE-2024-23306 [HIGH] CWE-522 CVE-2024-23306: A vulnerability exists in BIG-IP Next CNF and SPK systems that may allow access to undisclosed sensi A vulnerability exists in BIG-IP Next CNF and SPK systems that may allow access to undisclosed sensitive files. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
nvdf5
← Previous2 / 2