CVE-2025-59478
Unknown Unknown - Not Provided

BaseFortify

Vulnerability report for CVE-2025-59478, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-10-15

Last updated on: 2025-10-22

Assigner: F5 Networks

Description

When a BIG-IP AFM denial-of-service (DoS) protection profile is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) process to terminate.Β Β Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-10-15
Last Modified
2025-10-22
Generated
2026-07-06
AI Q&A
2025-10-15
EPSS Evaluated
2026-07-05
NVD

Affected Vendors & Products

Showing 3 associated CPEs
Vendor Product Version / Range
f5 big-ip_advanced_firewall_manager From 16.1.0 (inc) to 16.1.5.2.0.7.5 (inc)
f5 big-ip_advanced_firewall_manager 17.5.0
f5 big-ip_advanced_firewall_manager From 16.1.0 (inc) to 16.1.5.2.0.7.5 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-824 The product accesses or uses a pointer that has not been initialized.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability occurs when a BIG-IP AFM denial-of-service (DoS) protection profile is configured on a virtual server. Undisclosed requests can cause the Traffic Management Microkernel (TMM) process to terminate, leading to a denial-of-service condition.

Impact Analysis

The vulnerability can cause the TMM process to terminate unexpectedly, resulting in a denial-of-service (DoS) condition. This can disrupt network traffic management and potentially cause service outages.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-59478. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart