Unrated severityNVD Advisory· Published Oct 15, 2025· Updated Feb 26, 2026
BIG-IP APM and SSL Orchestrator vulnerability
CVE-2025-47148
Description
When the BIG-IP system is configured as both a Security Assertion Markup Language (SAML) service provider (SP) and Identity Provider (IdP), with single logout (SLO) enabled on an access policy, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Affected products
1Patches
Vulnerability mechanics
References
1- my.f5.com/manage/s/article/K000148816mitrevendor-advisory
News mentions
0No linked articles in our index yet.