PT-2025-5730 · F5 · Big-Ip+21
Published
2025-02-05
·
Updated
2025-02-05
·
CVE-2025-21087
CVSS v4.0
8.9
High
| Vector | AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions:
No specific software name or versions are mentioned in the provided descriptions.
Description:
When Client or Server SSL profiles are configured on a Virtual Server, or DNSSEC signing operations are in use, undisclosed traffic can cause an increase in memory and CPU resource utilization. Note that software versions which have reached End of Technical Support (EoTS) are not evaluated.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Resource Exhaustion
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Big-Ip
Big-Ip Next
Big-Ip Access Policy Manager
Big-Ip Advanced Firewall Manager
Big-Ip Advanced Web Application Firewall
Big-Ip Analytics
Big-Ip Application Acceleration Manager
Big-Ip Application Security Manager
Big-Ip Application Visibility/Reporting
Big-Ip Automation Toolchain
Big-Ip Carrier-Grade Nat
Big-Ip Container Ingress Services
Big-Ip Ddos Hybrid Defender
Big-Ip Domain Name System
Big-Ip Edge Gateway
Big-Ip Fraud Protection Service
Big-Ip Local Traffic Manager
Big-Ip Link Controller
Big-Ip Policy Enforcement Manager
Big-Ip Ssl Orchestrator
Big-Ip Webaccelerator
Big-Ip Websafe