CVE-2026-2507

When BIG-IP AFM or BIG-IP DDoS is provisioned, undisclosed traffic can cause TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2026-2507

CVE-2026-2507 affects BIG-IP AFM and BIG-IP DDoS Hybrid Defender where provisioning can trigger Traffic Management Microkernel (TMM) termination due to undisclosed traffic, causing DoS. The advisory notes EoTS-excluded versions. Affected versions are not fully listed in these sources, but F5’s K0...

CVE-2025-59478

When a BIG-IP AFM denial-of-service DoS protection profile is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel TMM process to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

K000150010: BIG-IP AFM security exposure

Security Advisory Description After a reboot, the BIG-IP AFM ipsd process may unexpectedly fail to enforce the Intrusion Prevention System IPS signatures configured for protocol inspection profiles. This condition can persist for some time even though the system reports the protocol inspection...

F5 BIG-IP AFM Security Vulnerability

F5 BIG-IP AFM is an advanced firewall product for protection against DDos attacks from F5 USA. A security vulnerability exists in the F5 BIG-IP AFM that stems from the fact that for unspecified traffic patterns, the BIG-IP AFM IPS engine may take an excessive amount of time to match traffic to...

PT-2022-19172 · F5 · Big-Ip Afm

Name of the Vulnerable Software and Affected Versions: F5 BIG-IP AFM versions prior to 16.1.2.2 F5 BIG-IP AFM versions prior to 15.1.5.1 F5 BIG-IP AFM versions prior to 14.1.4.6 F5 BIG-IP AFM versions prior to 13.1.5 Description: An authenticated attacker with high privileges can upload a...

F5 BIG-IP AFM 安全漏洞

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. F5 BIG-IP has a security vulnerability that can be exploited by attackers to cause a denial of service...

F5 BIG-IP AFM 安全漏洞

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A security vulnerability exists in F5 BIG-IP AFM, which can be exploited by attackers to cause a denial of service on the...

CVE-2020-5920

In versions 15.0.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, a vulnerability in the BIG-IP AFM Configuration utility may allow any authenticated BIG-IP user to perform a read-only blind SQL injection attack...

F5 BIG-IP AFM Input Validation Error Vulnerability

F5 BIG-IP AFM is an advanced firewall product from F5 USA for protection against DDos attacks. An input validation error vulnerability exists in F5 BIG-IP AFM versions 15.0.0 through 15.0.1, 14.0.0 through 14.1.2, and 13.1.0 through 13.1.3.1, which can be exploited by an attacker to cause...

CVE-2019-6658

On BIG-IP AFM 15.0.0-15.0.1, 14.0.0-14.1.2, 13.1.0-13.1.3.1, and 12.1.0-12.1.5, a vulnerability in the AFM configuration utility may allow any authenticated BIG-IP user to run an SQL injection attack...

F5 BIG-IP Cross-Site Scripting Vulnerability (CNVD-2019-30620)

F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. A cross-site scripting vulnerability exists in the AFM feed list in the F5 BIG-IP AFM and ASM, which can be exploited by an...