F5 BIG-IP 安全漏洞

F5 BIG-IP is an application delivery platform developed by F5 Technologies in the United States. It integrates functions such as network traffic management, application security management, and load balancing. There is a security vulnerability in F5 BIG-IP. This vulnerability arises from HTTP/2...

F5 BIG-IP 安全漏洞

F5 BIG-IP is an application delivery platform developed by F5 Technologies in the United States. It integrates functions such as network traffic management, application security management, and load balancing. There is a security vulnerability in F5 BIG-IP. This vulnerability arises from the...

EUVD-2025-34671

When using a multi-bladed platform with more than one blade, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2025-61990

When using a multi-bladed platform with more than one blade, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

EUVD-2025-34652

When Diffie-Hellman DH group Elliptic Curve Cryptography ECC Brainpool curves are configured in an SSL profile's Cipher Rule or Cipher Group, and that profile is applied to a virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions...

CVE-2025-58071 BIG-IP IPSec vulnerability

When IPsec is configured on the BIG-IP system, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2025-53474

When an iRule using an ILX::call command is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2025-48008

When a TCP profile with Multipath TCP MPTCP enabled is configured on a virtual server, undisclosed traffic along with conditions beyond the attacker's control can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS ar...

CVE-2025-41430

When BIG-IP SSL Orchestrator is enabled, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2025-41430 BIG-IP SSL Orchestrator vulnerability

When BIG-IP SSL Orchestrator is enabled, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2025-41430

CVE-2025-41430 affects BIG-IP SSL Orchestrator. When enabled, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate, enabling a remote unauthenticated DoS on the BIG-IP system. Affected versions include BIG-IP SSL Orchestrator 16.1.0–16.1.3, 17.x prior to 17.5.1/17.1...

CVE-2025-59478 BIG-IP AFM DoS protection profile vulnerability

When a BIG-IP AFM denial-of-service DoS protection profile is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel TMM process to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

PT-2025-33000 · F5 · Big-Ip Apm

Name of the Vulnerable Software and Affected Versions: BIG-IP APM versions affected versions not specified Description: When Network Access is configured on a BIG-IP APM virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Recommendations: At the...

CVE-2021-23035

On BIG-IP 14.1.x before 14.1.4.4, when an HTTP profile is configured on a virtual server, after a specific sequence of packets, chunked responses can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluat...

PT-2025-20301 · F5 · Big-Ip Pem

Name of the Vulnerable Software and Affected Versions: BIG-IP PEM affected versions not specified Description: The issue occurs when a BIG-IP PEM system is licensed with URL categorization and the URL categorization policy or an iRule with the urlcat command is enabled on a virtual server. In thi...

CVE-2024-33608

When IPsec is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2023-22422 HTTP profile vulnerability

On BIG-IP versions 17.0.x before 17.0.0.2 and 16.1.x before 16.1.3.3, when a HTTP profile with the non-default Enforcement options of Enforce HTTP Compliance and Unknown Methods: Reject are configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel TMM to...

CVE-2023-22302 BIG-IP HTTP profile vulnerability

In BIG-IP versions 17.0.x before 17.0.0.2, and 16.1.x beginning in 16.1.2.2 to before 16.1.3.3, when an HTTP profile is configured on a virtual server and conditions beyond the attacker’s control exist on the target pool member, undisclosed requests sent to the BIG-IP system can cause the Traffic...

CVE-2023-22281 BIG-IP AFM vulnerability

On versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a BIG-IP AFM NAT policy with a destination NAT rule is configured on a FastL4 virtual server, undisclosed traffic can cause the Traffic Management Microkernel...

CVE-2022-41813 BIG-IP PEM and AFM TMUI, TMSH and iControl vulnerability CVE-2022-41813

In versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, when BIG-IP is provisioned with PEM or AFM module, an undisclosed input can cause Traffic Management Microkernel TMM to terminate...