Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

K000149540: Quarterly Security Notification (February 2025)

🗓️ 05 Feb 2025 14:41:06Reported by f5Type 
f5
 f5🔗 my.f5.com👁 39 Views

F5's February 2025 security advisory outlines vulnerabilities affecting BIG-IP devices.

Related
ReporterTitlePublishedViews
Family
GithubExploit		Exploit for CVE-2025-20029
1 May 202505:46
githubexploit
GithubExploit		Exploit for CVE-2025-20029
23 Feb 202518:36
githubexploit
ATTACKERKB		CVE-2025-23239
5 Feb 202518:15
attackerkb
ATTACKERKB		CVE-2025-24320
5 Feb 202518:15
attackerkb
ATTACKERKB		CVE-2025-20029
5 Feb 202518:15
attackerkb
BDU FSTEC		The vulnerability of the TMOS Shell configuration tool’s IControl REST interface allows attackers to execute arbitrary commands. This vulnerability relates to the BIG-IP Access Policy Manager, as well as software programs such as BIG-IP Advanced Firewall Manager, BIG-IP Advanced Web Application Firewall, BIG-IP Analytics, BIG-IP Application Acceleration Manager, BIG-IP Application Security Manager, BIG-IP Application Visibility and Reporting (AVR), BIG-IP Camer-Grade NAT (CGNAT), BIG-IP DDos Hybrid Defender, BIG-IP Domain Name System, BIG-IP Edge Gateway, BIG-IP Fraud Protection Service, BIG-IP Global Traffic Manager, BIG-IP Link Controller, BIG-IP Local Traffic Manager, BIG-IP Policy Inforcement Manager, BIG-IP SSL Orchestrator, BIG-IP Webaccelerator, and BIG-IP WebSafe.
25 Feb 202500:00
bdu_fstec
BDU FSTEC		The vulnerability of the Message Routing component of the access control and remote authentication solution BIG-IP allows a perpetrator to cause a service failure.
9 May 202500:00
bdu_fstec
BDU FSTEC		The vulnerability of the iControl REST component of the access control and remote authentication solution for BIG-IP allows a perpetrator to inject arbitrary commands.
9 May 202500:00
bdu_fstec
BDU FSTEC		The vulnerability affects the FSM component of the software used for traffic management, load balancing, and security protection in BIG-IP Next Service Proxy for Kubernetes (SPK), as well as the access control and remote authentication mechanisms in BIG-IP. This allows attackers to cause service failures.
9 May 202500:00
bdu_fstec
BDU FSTEC		The vulnerability of the Access profile component of the access control and remote authentication solution BIG-IP Access Policy Manager allows a perpetrator to trigger a service failure.
9 May 202500:00
bdu_fstec
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
10 Feb 2025 18:14Current
6.6Medium risk
Vulners AI Score6.6
CVSS 48.9
CVSS 3.18.7 - 8.8
EPSS0.07844
SSVC
f5security advisoryvulnerabilitiesbig-ipfebruary 2025cveshigh cvesmedium cveslow cvesaffected productsaffected versionsfixes introduced
39