K000154614: BIG-IP Next (CNF, SPK, and Kubernetes) vulnerability CVE-2025-55670

Security Advisory Description On BIG-IP Next CNF, BIG-IP Next SPK, and BIG-IP Next for Kubernetes systems, repeated undisclosed API calls can cause the Traffic Management Microkernel TMM to terminate. CVE-2025-55670 Impact Traffic is disrupted while the TMM process restarts. This vulnerability...

CVE-2024-37028

BIG-IP Next Central Manager may allow an attacker to lock out an account that has never been logged in. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

The vulnerability of the application software interface of the BIG-IP Next Central Manager allows unauthorized access to protected information, enabling attackers to obtain the administrator’s password hash.

The vulnerability of the application software interface of the BIG-IP Next Central Manager relates to the disclosure of protected information. Exploiting this vulnerability could allow a malicious actor, operating remotely, to obtain the administrator’s password hash by executing a specially...

CVE-2024-21793

An OData injection vulnerability exists in the BIG-IP Next Central Manager API URI. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...