CVE-2025-61990

When using a multi-bladed platform with more than one blade, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2025-58071

When IPsec is configured on the BIG-IP system, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

EUVD-2025-34636

Undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. This issue may occur when a Datagram Transport Layer Security DTLS 1.2 virtual server is enabled with a Server SSL profile that is configured with a certificate, key, and the SSL Sign Hash set to ANY, and the...

CVE-2025-55670 BIG-IP Next (CNF, SPK, and Kubernetes) vulnerability

On BIG-IP Next CNF, BIG-IP Next SPK, and BIG-IP Next for Kubernetes systems, repeated undisclosed API calls can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2025-41430

CVE-2025-41430 affects BIG-IP SSL Orchestrator. When enabled, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate, enabling a remote unauthenticated DoS on the BIG-IP system. Affected versions include BIG-IP SSL Orchestrator 16.1.0–16.1.3, 17.x prior to 17.5.1/17.1...

F5 Networks BIG-IP : BIG-IP APM vulnerability (K000151546)

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.10.8 / 16.1.6 / 17.1.2.2. It is, therefore, affected by a vulnerability as referenced in the K000151546 advisory. When Network Access is configured on a BIG-IP APM virtual server, undisclosed traffic can cause the...

F5 BIG-IP PEM 缓冲区错误漏洞

F5 BIG-IP PEM is a policy enforcer used in BIG-IP from F5 USA. A security vulnerability exists in F5 BIG-IP PEM that can be exploited by an attacker to cause the Traffic Management Microkernel TMM to terminate when configuring URL categorization on a virtual server...

CVE-2023-22839

On BIG-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all version of 13.1.x, when a DNS profile with the Rapid Response Mode setting enabled is configured on a virtual server with hardware SYN cookies enabled, undisclosed requests...

CVE-2021-23035

On BIG-IP 14.1.x before 14.1.4.4, when an HTTP profile is configured on a virtual server, after a specific sequence of packets, chunked responses can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluat...

CVE-2020-27716

On versions 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13.1.3.5, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, when a BIG-IP APM virtual server processes traffic of an undisclosed nature, the Traffic Management Microkernel TMM stops responding and restarts...

Multiple F5 products have design flaws

F5 BIG-IP LTM, etc. are products of F5 USA.LTM is a local traffic manager; APM is a set of solutions that provide secure and unified access to business-critical applications and networks. A security vulnerability exists in several F5 products. An attacker could exploit the vulnerability to cause...