CVE-2026-34019
Analyzed
Analyzed - Analysis Complete
BaseFortify
Vulnerability report for CVE-2026-34019, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.
Publication date: 2026-05-13
Last updated on: 2026-06-29
Assigner: F5 Networks
Description
Description
When Bidirectional Forwarding Detection (BFD) is configured in Static and Dynamic routing protocols, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to stop processing BFD packets and cause the configured routing protocol to fail over.Β Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| f5 | big-ip_access_policy_manager | From 17.1.0 (inc) to 17.1.2 (inc) |
| f5 | big-ip_advanced_firewall_manager | 17.5.0 |
| f5 | big-ip_advanced_web_application_firewall | 17.5.0 |
| f5 | big-ip_analytics | 17.5.0 |
| f5 | big-ip_application_acceleration_manager | 17.5.0 |
| f5 | big-ip_application_security_manager | 17.5.0 |
| f5 | big-ip_application_visibility_and_reporting | 17.5.0 |
| f5 | big-ip_carrier-grade_nat | 17.5.0 |
| f5 | big-ip_ddos_hybrid_defender | 17.5.0 |
| f5 | big-ip_domain_name_system | 17.5.0 |
| f5 | big-ip_edge_gateway | 17.5.0 |
| f5 | big-ip_fraud_protection_service | 17.5.0 |
| f5 | big-ip_global_traffic_manager | 17.5.0 |
| f5 | big-ip_link_controller | 17.5.0 |
| f5 | big-ip_local_traffic_manager | 17.5.0 |
| f5 | big-ip_policy_enforcement_manager | 17.5.0 |
| f5 | big-ip_ssl_orchestrator | 17.5.0 |
| f5 | big-ip_webaccelerator | 17.5.0 |
| f5 | big-ip_websafe | 17.5.0 |
| f5 | big-ip_application_security_manager | From 17.1.0 (inc) to 17.1.2 (inc) |
| f5 | big-ip_advanced_firewall_manager | From 17.1.0 (inc) to 17.1.2 (inc) |
| f5 | big-ip_advanced_web_application_firewall | From 17.1.0 (inc) to 17.1.2 (inc) |
| f5 | big-ip_analytics | From 17.1.0 (inc) to 17.1.2 (inc) |
| f5 | big-ip_application_acceleration_manager | From 17.1.0 (inc) to 17.1.2 (inc) |
| f5 | big-ip_application_visibility_and_reporting | From 17.1.0 (inc) to 17.1.2 (inc) |
| f5 | big-ip_automation_toolchain | From 17.1.0 (inc) to 17.1.2 (inc) |
| f5 | big-ip_carrier-grade_nat | From 17.1.0 (inc) to 17.1.2 (inc) |
| f5 | big-ip_container_ingress_services | From 17.1.0 (inc) to 17.1.2 (inc) |
| f5 | big-ip_ddos_hybrid_defender | From 17.1.0 (inc) to 17.1.2 (inc) |
| f5 | big-ip_domain_name_system | From 17.1.0 (inc) to 17.1.2 (inc) |
| f5 | big-ip_edge_gateway | From 17.1.0 (inc) to 17.1.2 (inc) |
| f5 | big-ip_fraud_protection_service | From 17.1.0 (inc) to 17.1.2 (inc) |
| f5 | big-ip_global_traffic_manager | From 17.1.0 (inc) to 17.1.2 (inc) |
| f5 | big-ip_link_controller | From 17.1.0 (inc) to 17.1.2 (inc) |
| f5 | big-ip_local_traffic_manager | From 17.1.0 (inc) to 17.1.2 (inc) |
| f5 | big-ip_policy_enforcement_manager | From 17.1.0 (inc) to 17.1.2 (inc) |
| f5 | big-ip_ssl_orchestrator | From 17.1.0 (inc) to 17.1.2 (inc) |
| f5 | big-ip_webaccelerator | From 17.1.0 (inc) to 17.1.2 (inc) |
| f5 | big-ip_websafe | From 17.1.0 (inc) to 17.1.2 (inc) |
| f5 | big-ip_access_policy_manager | 17.5.0 |
| f5 | big-ip_automation_toolchain | 17.5.0 |
| f5 | big-ip_container_ingress_services | 17.5.0 |
| f5 | big-ip_access_policy_manager | From 16.1.0 (inc) to 16.1.6 (inc) |
| f5 | big-ip_advanced_firewall_manager | From 16.1.0 (inc) to 16.1.6 (inc) |
| f5 | big-ip_advanced_web_application_firewall | From 16.1.0 (inc) to 16.1.6 (inc) |
| f5 | big-ip_analytics | From 16.1.0 (inc) to 16.1.6 (inc) |
| f5 | big-ip_application_acceleration_manager | From 16.1.0 (inc) to 16.1.6 (inc) |
| f5 | big-ip_application_security_manager | From 16.1.0 (inc) to 16.1.6 (inc) |
| f5 | big-ip_application_visibility_and_reporting | From 16.1.0 (inc) to 16.1.6 (inc) |
| f5 | big-ip_automation_toolchain | From 16.1.0 (inc) to 16.1.6 (inc) |
| f5 | big-ip_carrier-grade_nat | From 16.1.0 (inc) to 16.1.6 (inc) |
| f5 | big-ip_container_ingress_services | From 16.1.0 (inc) to 16.1.6 (inc) |
| f5 | big-ip_ddos_hybrid_defender | From 16.1.0 (inc) to 16.1.6 (inc) |
| f5 | big-ip_domain_name_system | From 16.1.0 (inc) to 16.1.6 (inc) |
| f5 | big-ip_edge_gateway | From 16.1.0 (inc) to 16.1.6 (inc) |
| f5 | big-ip_fraud_protection_service | From 16.1.0 (inc) to 16.1.6 (inc) |
| f5 | big-ip_global_traffic_manager | From 16.1.0 (inc) to 16.1.6 (inc) |
| f5 | big-ip_link_controller | From 16.1.0 (inc) to 16.1.6 (inc) |
| f5 | big-ip_local_traffic_manager | From 16.1.0 (inc) to 16.1.6 (inc) |
| f5 | big-ip_policy_enforcement_manager | From 16.1.0 (inc) to 16.1.6 (inc) |
| f5 | big-ip_ssl_orchestrator | From 16.1.0 (inc) to 16.1.6 (inc) |
| f5 | big-ip_webaccelerator | From 16.1.0 (inc) to 16.1.6 (inc) |
| f5 | big-ip_websafe | From 16.1.0 (inc) to 16.1.6 (inc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-410 | The product's resource pool is not large enough to handle peak demand, which allows an attacker to prevent others from accessing the resource by using a (relatively) large number of requests for resources. |
