CVE-2025-61938
BaseFortify
Publication date: 2025-10-15
Last updated on: 2025-10-21
Assigner: F5 Networks
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| f5 | big-ip_advanced_web_application_firewall | From 17.1.0 (inc) to 17.1.3 (exc) |
| f5 | big-ip_advanced_web_application_firewall | 17.5.0 |
| f5 | big-ip_application_security_manager | From 17.1.0 (inc) to 17.1.3 (exc) |
| f5 | big-ip_application_security_manager | 17.5.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-1284 | The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability occurs when a BIG-IP Advanced WAF or ASM security policy is configured with a URL longer than 1024 characters for the Data Guard Protection Enforcement setting. This can cause the bd process to terminate repeatedly, potentially disrupting the security functions of the system.
How can this vulnerability impact me? :
The impact of this vulnerability is that the bd process may repeatedly terminate, which can lead to denial of service or disruption of the security policy enforcement on the BIG-IP Advanced WAF or ASM system. This could reduce the effectiveness of the security protections and potentially expose the system to other risks.