CVE-2025-47148
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-10-15
Last updated on: 2025-10-21
Assigner: F5 Networks
Description
Description
When the BIG-IP system is configured as both a Security Assertion Markup Language (SAML) service provider (SP) and Identity Provider (IdP), with single logout (SLO) enabled on an access policy, undisclosed requests can cause an increase in memory resource utilization.Β Β Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| f5 | big-ip_access_policy_manager | From 15.1.0 (inc) to 15.1.10.8 (exc) |
| f5 | big-ip_access_policy_manager | From 16.1.0 (inc) to 16.1.6.1 (exc) |
| f5 | big-ip_access_policy_manager | From 17.1.0 (inc) to 17.1.3 (exc) |
| f5 | big-ip_access_policy_manager | 17.5.0 |
| f5 | big-ip_ssl_orchestrator | From 15.1.0 (inc) to 15.1.10.8 (exc) |
| f5 | big-ip_ssl_orchestrator | From 16.1.0 (inc) to 16.1.6.1 (exc) |
| f5 | big-ip_ssl_orchestrator | From 17.1.0 (inc) to 17.1.3 (exc) |
| f5 | big-ip_ssl_orchestrator | 17.5.0 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-404 | The product does not release or incorrectly releases a resource before it is made available for re-use. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability occurs in the BIG-IP system when it is configured as both a SAML service provider and Identity Provider with single logout enabled. Undisclosed requests can cause increased memory resource utilization, potentially leading to resource exhaustion.
How can this vulnerability impact me? :
The vulnerability can lead to increased memory usage on the affected system, which may result in degraded performance or denial of service due to resource exhaustion.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70