This document is intended to serve as an overview of these vulnerabilities to help determine the impact to your F5 devices. ... You can find the details of each issue in the associated articles. ... You can watch the May 2025 Quarterly Security Notification (QSN) live briefing at 9:00 AM Pacific Time by DevCentral in the following video:
When running in Appliance mode, a command injection vulnerability exists in an undisclosed iControl REST and BIG-IP TMOS Shell (tmsh) command that may allow an authenticated attacker with administrator role privileges to execute arbitrary system commands.
Note: The BIG-IP software support policy described in this article also applies to Virtual Edition (VE) releases of the software. ... Note: The F5 software support policy described in this article does not apply to the F5 BIG-IP Edge Client application software delivered through the Apple App Store or Android Market.
When a BIG-IP HTTP/2 httprouter profile is configured on a virtual server, undisclosed responses can cause an increase in memory resource utilization. ... System performance can degrade until the Traffic Management Microkernel (TMM) process is either forced to restart or is manually restarted.
When a BIG-IP PEM system is licensed with URL categorization, and the URL categorization policy or an iRule with the urlcat command is enabled on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate.
This article describes the basic configuration of a proxy server. ... You will learn how to pass a request from NGINX to proxied servers over different protocols, modify client request headers that are sent to the proxied server, and configure buffering of responses coming from the proxied servers.
When a BIG-IP APM PingAccess profile is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. ... Traffic is disrupted while the TMM process restarts.
When connection mirroring is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate in the standby BIG-IP systems in a traffic group.
Traffic is disrupted while the TMM process restarts. ... This vulnerability allows a remote, unauthenticated attacker to cause a denial-of-service (DoS) on the BIG-IP system. ... There is no control plane exposure; this is a data plane issue only.
K15365: License activation may be required prior to software upgrade for the BIG-IQ system ... After performing an upgrade to a new major or minor release, and upon booting into the new version, the BIG-IP licensing system needs to verify the static license check date in your BIG-IP version against the service check date in the license file.