Increased Resource Utilization in F5's Virtual Server and DNSSEC Operations
CVE-2025-21087

8.9HIGH

Key Information:

Vendor: F5
Status: Big-ip; Big-ip Next
Vendor: CVE Published:; 5 February 2025

What is CVE-2025-21087?

A vulnerability exists in F5's BIG-IP product when Client or Server SSL profiles are configured on a Virtual Server, or during DNSSEC signing operations. Undisclosed traffic may lead to an unexpected increase in memory and CPU utilization, impacting performance and potentially resulting in service disruption.

Affected Version(s)

BIG-IP 17.1.0 < 17.1.2

BIG-IP 16.1.0

BIG-IP 15.1.0

References

https://my.f5.com/manage/s/article/K000134888

vendor-advisory

CVSS V4

Score:

8.9

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 5, 2025
Vulnerability Reserved
Jan 22, 2025

F5

What is CVE-2025-21087?

Affected Version(s)

References

CVSS V4

Timeline

Credit