API Vulnerability in BIG-IP Next Central Manager by F5 Networks
CVE-2025-24319

7.1HIGH

Key Information:

Vendor: F5
Status: Big-ip Next Central Manager
Vendor: CVE Published:; 5 February 2025

What is CVE-2025-24319?

An API-related vulnerability in F5 Networks' BIG-IP Next Central Manager allows for the termination of the Kubernetes service due to undisclosed requests made to the BIG-IP Next Central Manager API. This could lead to unexpected service interruptions and impact system availability, necessitating immediate attention and remediation.

Affected Version(s)

BIG-IP Next Central Manager 20.1.0 < 20.3.0

References

https://my.f5.com/manage/s/article/K000148412

vendor-advisory

CVSS V4

Score:

7.1

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 5, 2025
Vulnerability Reserved
Jan 22, 2025

F5

What is CVE-2025-24319?

Affected Version(s)

References

CVSS V4

Timeline

Credit