Undisclosed DNS Traffic Can Cause BIG-IP AFM TMM Termination
CVE-2024-25560

7.5HIGH

Key Information:

Vendor: F5
Status: Big-ip; Big-ip Next Cnf
Vendor: CVE Published:; 8 May 2024

What is CVE-2024-25560?

A vulnerability in the BIG-IP Advanced Firewall Manager (AFM) from F5 Networks has been identified, which allows undetected DNS traffic to disrupt the operation of the Traffic Management Microkernel (TMM). When BIG-IP AFM is licensed and provisioned, such traffic can lead to unexpected termination of the TMM, potentially impacting the security and availability of network services. Users are advised to review their configurations and apply any available updates to mitigate this issue.

Affected Version(s)

BIG-IP 17.1.0 < 17.1.1

BIG-IP 16.1.0 < 16.1.4

BIG-IP 15.1.0

References

https://my.f5.com/manage/s/article/K000139037

vendor-advisory

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 8, 2024
Vulnerability Reserved
Apr 24, 2024

F5

What is CVE-2024-25560?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit