324 matches found
CVE-2019-6672
On BIG-IP AFM 15.0.0-15.0.1, 14.0.0-14.1.2, and 13.1.0-13.1.3.1, when bad-actor detection is configured on a wildcard virtual server on platforms with hardware-based sPVA, the performance of the BIG-IP AFM system is degraded...
F5 BIG-IP AFM Denial of Service Vulnerability (CNVD-2025-07319)
F5 BIG-IP AFM is an advanced firewall product from F5 USA for protection against DDos attacks. A denial of service vulnerability exists in F5 BIG-IP AFM, which stems from a misconfiguration of protocol checks and can be exploited by an attacker to cause an increase in CPU resource utilization...
CVE-2025-24312
When BIG-IP AFM is provisioned with IPS module enabled and protocol inspection profile is configured on a virtual server or firewall rule or policy, undisclosed traffic can cause an increase in CPU resource utilization. Note: Software versions which have reached End of Technical Support EoTS are...
CVE-2025-24312
When BIG-IP AFM is provisioned with IPS module enabled and protocol inspection profile is configured on a virtual server or firewall rule or policy, undisclosed traffic can cause an increase in CPU resource utilization. Note: Software versions which have reached End of Technical Support EoTS are...
CVE-2025-24312 BIG-IP AFM vulnerability
When BIG-IP AFM is provisioned with IPS module enabled and protocol inspection profile is configured on a virtual server or firewall rule or policy, undisclosed traffic can cause an increase in CPU resource utilization. Note: Software versions which have reached End of Technical Support EoTS are...
CVE-2025-24312
CVE-2025-24312 affects BIG-IP AFM. When IPS is enabled and a protocol inspection profile is configured on a virtual server or policy, undisclosed traffic can cause CPU resource utilization, potentially leading to DoS. Affected fixes are provided in: BIG-IP AFM 17.1.0–17.1.1 (fix 17.1.2); BIG-IP A...
CVE-2025-24312 BIG-IP AFM vulnerability
When BIG-IP AFM is provisioned with IPS module enabled and protocol inspection profile is configured on a virtual server or firewall rule or policy, undisclosed traffic can cause an increase in CPU resource utilization. Note: Software versions which have reached End of Technical Support EoTS are...
K000141380: BIG-IP AFM vulnerability CVE-2025-24312
Security Advisory Description When BIG-IP AFM is provisioned with IPS module enabled and protocol inspection profile is configured on a virtual server or firewall rule or policy, undisclosed traffic can cause an increase in CPU resource utilization. CVE-2025-24312 Impact System performance can...
PT-2025-5739
Name of the Vulnerable Software and Affected Versions: BIG-IP AFM affected versions not specified Description: The issue occurs when BIG-IP AFM is provisioned with the IPS module enabled and a protocol inspection profile is configured on a virtual server or firewall rule or policy. Undisclosed...
CVE-2024-25560 TMM Vulnerability
When BIG-IP AFM is licensed and provisioned, undisclosed DNS traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2024-25560
CVE-2024-25560 affects F5 BIG-IP AFM/TMM: when a DNS profile is applied to a virtual server, undisclosed DNS traffic can cause the Traffic Management Microkernel (TMM) to terminate, leading to DoS. The advisory K000139037 lists affected branches and fixes: BIG-IP (all modules) 17.x (17.1.0 vulner...
CVE-2024-25560 TMM Vulnerability
When BIG-IP AFM is licensed and provisioned, undisclosed DNS traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
K000139037: TMM vulnerability CVE-2024-25560
Security Advisory Description When a DNS profile is applied to a virtual server, undisclosed DNS traffic can cause the Traffic Management Microkernel TMM to terminate. CVE-2024-25560 Impact Traffic is disrupted while the TMM process restarts. This vulnerability allows a remote unauthenticated...
PT-2024-21005 · F5 · Big-Ip Afm
Name of the Vulnerable Software and Affected Versions: BIG-IP AFM affected versions not specified Description: When BIG-IP AFM is licensed and provisioned, undisclosed DNS traffic can cause the Traffic Management Microkernel TMM to terminate. Recommendations: At the moment, there is no informatio...
K000138682: libssh vulnerability CVE-2023-2283
Security Advisory Description A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in thepkiverifydatasignature function in memory allocation problems. This issue may happen if there is insufficient memory or the memory usage is limited. The...
CVE-2024-21771
For unspecified traffic patterns, BIG-IP AFM IPS engine may spend an excessive amount of time matching the traffic against signatures, resulting in Traffic Management Microkernel TMM restarting and traffic disruption. Note: Software versions which have reached End of Technical Support EoTS are no...
Default credentials
When BIG-IP AFM Device DoS or DoS profile is configured with NXDOMAIN attack vector and bad actor detection, undisclosed queries can cause the Traffic Management Microkernel TMM to terminate. NOTE: Software versions which have reached End of Technical Support EoTS are not evaluated...
Code injection
For unspecified traffic patterns, BIG-IP AFM IPS engine may spend an excessive amount of time matching the traffic against signatures, resulting in Traffic Management Microkernel TMM restarting and traffic disruption. Note: Software versions which have reached End of Technical Support EoTS are no...
CVE-2024-21763 BIG-IP AFM vulnerability
When BIG-IP AFM Device DoS or DoS profile is configured with NXDOMAIN attack vector and bad actor detection, undisclosed queries can cause the Traffic Management Microkernel TMM to terminate. NOTE: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2024-21763 BIG-IP AFM vulnerability
When BIG-IP AFM Device DoS or DoS profile is configured with NXDOMAIN attack vector and bad actor detection, undisclosed queries can cause the Traffic Management Microkernel TMM to terminate. NOTE: Software versions which have reached End of Technical Support EoTS are not evaluated...