VDB

CISA-2025-22846

CISA-2025-22846 PUBLISHED CVSS 7.5 HIGH

Reported by f5 · Published February 5, 2025

When SIP Session and Router ALG profiles are configured on a Message Routing type virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate.   Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
F5BIG-IP17.1.0, 16.1.0, 15.1.0
F5BIG-IP Next SPK1.8.0, 1.7.0
F5BIG-IP17.1.0, 15.1.0, 16.1.0
F5BIG-IP Next SPK1.8.0, 1.7.0, 1.8.0

Timeline

  • Feb 5, 2025 CVE Published
  • Feb 12, 2025 CVE Updated

References

  • vendor-advisory
Open in Interactive Console →
$ Console Community · 100/wk Open console ›