PT-2025-5742 · F5 · BIG-IP Advanced WAF/ASM

Published: 2025-02-05 · Updated: 2025-08-08 · CVE-2025-24326

CVSS v4.0: 8.9 High

Vector: AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Name of the Vulnerable Software and Affected Versions: BIG-IP Advanced WAF/ASM (affected versions not specified)
Description: When the BIG-IP Advanced WAF/ASM Behavioral DoS (BADoS) TLS Signatures feature is configured, undisclosed traffic can cause an increase in memory resource utilization. Software versions that have reached End of Technical Support (EoTS) are not evaluated.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Memory Corruption

Weakness Enumeration

Related Identifiers

BDU:2025-08815
CVE-2025-24326

Affected Products

BIG-IP Advanced WAF/ASM