15 matches found
K000160727: BIG-IP Advanced WAF and ASM vulnerability CVE-2026-40060
Security Advisory Description When a BIG-IP Advanced WAF or ASM security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate. CVE-2026-40060 Impact Traffic is disrupted while the bd process restarts. This vulnerability allows a remote,...
CVE-2026-22548
CVE-2026-22548 affects BIG-IP Advanced WAF/ASM when a security policy is configured on a virtual server. Undisclosed requests can cause the bd process to terminate, resulting in a DoS on the BIG-IP system. The issue is addressed in BIG-IP version 17.1.3 for the 17.x branch (previous 17.1.0–17.1.2...
PT-2026-6106
Name of the Vulnerable Software and Affected Versions F5 BIG-IP Advanced WAF and ASM affected versions not specified Description A configuration issue within BIG-IP Advanced WAF or ASM security policies on a virtual server can lead to the termination of the bd process due to undisclosed requests...
CVE-2025-61935
When a BIG IP Advanced WAF or ASM security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-61935 BIG-IP Advanced WAF and ASM vulnerability
When a BIG IP Advanced WAF or ASM security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-61935 BIG-IP Advanced WAF and ASM vulnerability
When a BIG IP Advanced WAF or ASM security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
F5 BIG-IP 安全漏洞
F5 BIG-IP is an application delivery platform that integrates network traffic management, application security management, load balancing, and other features from F5 Corporation. A security vulnerability exists in F5 BIG-IP, which originates from a bd process that may repeatedly terminate when th...
F5 BIG-IP 安全漏洞
F5 BIG-IP is an application delivery platform that integrates network traffic management, application security management, load balancing, and other features from F5 USA. A security vulnerability exists in F5 BIG-IP that originates from the presence of a malformed JSON schema in the JSON content...
PT-2024-19799 · F5 · Big-Ip
Name of the Vulnerable Software and Affected Versions: BIG-IP affected versions not specified Description: When a BIG-IP Advanced WAF or BIG-IP ASM policy with a Request Body Handling option is attached to a virtual server, undisclosed requests can cause the BD process to terminate. The condition...
Code injection
When an 'Attack Signature False Positive Mode' enabled security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate...
CVE-2022-41836 BIG-IP Advanced WAF and ASM bd vulnerability CVE-2022-41836
When an 'Attack Signature False Positive Mode' enabled security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate...
CVE-2022-41836 BIG-IP Advanced WAF and ASM bd vulnerability CVE-2022-41836
When an 'Attack Signature False Positive Mode' enabled security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate...
CVE-2022-41691 BIG-IP Advanced WAF/ASM bd vulnerability CVE-2022-41691
When a BIG-IP Advanced WAF/ASM security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate...
CVE-2022-26890
On F5 BIG-IP Advanced WAF, ASM, and APM 16.1.x versions prior to 16.1.2.1, 15.1.x versions prior to 15.1.5, 14.1.x versions prior to 14.1.4.6, and 13.1.x versions prior to 13.1.5, when ASM or Advanced WAF, as well as APM, are configured on a virtual server, the ASM policy is configured with Sessi...
CVE-2021-23050
On BIG-IP Advanced WAF and BIG-IP ASM version 16.0.x before 16.0.1.2 and 15.1.x before 15.1.3 and NGINX App Protect on all versions before 3.5.0, when a cross-site request forgery CSRF-enabled policy is configured on a virtual server, an undisclosed HTML response may cause the bd process to...