Increased Resource Utilization in F5's Virtual Server and DNSSEC Operations
CVE-2025-21087
8.9HIGH
Summary
A vulnerability exists in F5's BIG-IP product when Client or Server SSL profiles are configured on a Virtual Server, or during DNSSEC signing operations. Undisclosed traffic may lead to an unexpected increase in memory and CPU utilization, impacting performance and potentially resulting in service disruption.
Affected Version(s)
BIG-IP 17.1.0 < 17.1.2
BIG-IP 16.1.0
BIG-IP 15.1.0
References
CVSS V4
Score:
8.9
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
None
Timeline
Vulnerability published
Vulnerability Reserved
Credit
F5