Authentication Bypass in BIG-IP System by F5 Networks
CVE-2025-59268

6.9MEDIUM

Key Information:

Vendor: F5
Status: Big-ip
Vendor: CVE Published:; 15 October 2025

What is CVE-2025-59268?

The BIG-IP system from F5 Networks has a vulnerability that allows unauthenticated remote attackers to access undisclosed endpoints containing static non-sensitive information through the Configuration utility. This flaw can potentially lead to further exploitation and compromise of the system's integrity.

Affected Version(s)

BIG-IP 17.5.0 < 17.5.1.3

BIG-IP 17.1.0 < 17.1.3

BIG-IP 16.1.0 < 16.1.6.1

References

https://my.f5.com/manage/s/article/K90301300

vendor-advisory

CVSS V4

Score:

6.9

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 15, 2025
Vulnerability Reserved
Oct 3, 2025

Credit

JSON