VYPR

Big IP Spk

by F5, Inc.

CVEs (22)

  • CVE-2025-61990Oct 15, 2025
    risk 0.00cvss epss 0.00

    When using a multi-bladed platform with more than one blade, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

  • CVE-2025-61974Oct 15, 2025
    risk 0.00cvss epss 0.00

    When a client SSL profile is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

  • CVE-2025-58120Oct 15, 2025
    risk 0.00cvss epss 0.00

    When HTTP/2 Ingress is configured, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

  • CVE-2025-54805Oct 15, 2025
    risk 0.00cvss epss 0.00

    When an iRule is configured on a virtual server via the declarative API, upon re-instantiation, the cleanup process can cause an increase in the Traffic Management Microkernel (TMM) memory resource utilization.  Note: Software versions which have reached End of Technical…

  • CVE-2025-55670Oct 15, 2025
    risk 0.00cvss epss 0.00

    On BIG-IP Next CNF, BIG-IP Next SPK, and BIG-IP Next for Kubernetes systems, repeated undisclosed API calls can cause the Traffic Management Microkernel (TMM) to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

  • CVE-2025-46706Oct 15, 2025
    risk 0.00cvss epss 0.00

    When an iRule containing the HTTP::respond command is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

  • CVE-2025-48008Oct 15, 2025
    risk 0.00cvss epss 0.00

    When a TCP profile with Multipath TCP (MPTCP) enabled is configured on a virtual server, undisclosed traffic along with conditions beyond the attacker's control can cause the Traffic Management Microkernel (TMM) to terminate.  Note: Software versions which have reached End of…

  • CVE-2025-60016Oct 15, 2025
    risk 0.00cvss epss 0.00

    When Diffie-Hellman (DH) group Elliptic Curve Cryptography (ECC) Brainpool curves are configured in an SSL profile's Cipher Rule or Cipher Group, and that profile is applied to a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to…

  • CVE-2025-54500Aug 13, 2025
    risk 0.00cvss epss 0.00

    An HTTP/2 implementation flaw allows a denial-of-service (DoS) that uses malformed HTTP/2 control frames in order to break the max concurrent streams limit (HTTP/2 MadeYouReset Attack).  Note: Software versions which have reached End of Technical Support (EoTS) are not…

  • CVE-2025-36504May 7, 2025
    risk 0.00cvss epss 0.00

    When a BIG-IP HTTP/2 httprouter profile is configured on a virtual server, undisclosed responses can cause an increase in memory resource utilization.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

  • CVE-2025-41414May 7, 2025
    risk 0.00cvss epss 0.00

    When HTTP/2 client and server profile is configured on a virtual server, undisclosed requests can cause TMM to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

  • CVE-2025-36557May 7, 2025
    risk 0.00cvss epss 0.00

    When an HTTP profile with the Enforce RFC Compliance option is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

  • CVE-2025-41399May 7, 2025
    risk 0.00cvss epss 0.00

    When a Stream Control Transmission Protocol (SCTP) profile is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

  • CVE-2025-22846Feb 5, 2025
    risk 0.00cvss epss 0.00

    When SIP Session and Router ALG profiles are configured on a Message Routing type virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate.   Note: Software versions which have reached End of Technical Support (EoTS) are not…

  • CVE-2024-41164Aug 14, 2024
    risk 0.00cvss epss 0.00

    When TCP profile with Multipath TCP enabled (MPTCP) is configured on a Virtual Server, undisclosed traffic along with conditions beyond the attackers control can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not…

  • CVE-2024-23306Feb 14, 2024
    risk 0.00cvss epss 0.00

    A vulnerability exists in BIG-IP Next CNF and SPK systems that may allow access to undisclosed sensitive files.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

  • CVE-2024-23314Feb 14, 2024
    risk 0.00cvss epss 0.01

    When HTTP/2 is configured on BIG-IP or BIG-IP Next SPK systems, undisclosed responses can cause the Traffic Management Microkernel (TMM) to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

  • CVE-2023-45226Oct 10, 2023
    risk 0.00cvss epss 0.00

    The BIG-IP SPK TMM (Traffic Management Module) f5-debug-sidecar and f5-debug-sshd containers contains hardcoded credentials that may allow an attacker with the ability to intercept traffic to impersonate the SPK Secure Shell (SSH) server on those containers. This is only…

  • CVE-2023-40534Oct 10, 2023
    risk 0.00cvss epss 0.01

    When a client-side HTTP/2 profile and the HTTP MRF Router option are enabled for a virtual server, and an iRule using the HTTP_REQUEST event or Local Traffic Policy are associated with the virtual server, undisclosed requests can cause TMM to terminate.  Note: Software versions…

  • CVE-2023-24594May 3, 2023
    risk 0.00cvss epss 0.01

    When an SSL profile is configured on a Virtual Server, undisclosed traffic can cause an increase in CPU or SSL accelerator resource utilization.   Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Page 1 of 2