F5 BIG-IP SIP ALG Profile Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in F5 BIG-IP systems when a Session Initiation Protocol (SIP) application layer gateway (ALG) profile with Passthru Mode enabled and a SIP router ALG profile are both configured on a Message Routing type virtual server. Under these conditions, certain undisclosed traffic can cause the Traffic Management Microkernel (TMM) to crash, disrupting service until the TMM process restarts.

Impact

Exploitation of this vulnerability leads to a denial-of-service condition on the BIG-IP system, causing traffic disruption while the TMM process is restarted.

Remediation

F5 has fixed this vulnerability in BIG-IP versions 15.1.10.6.0.11.6, 16.1.5, and 17.1.2. For more information about managing BIG-IP product hotfixes, refer to the MyF5 article K13123.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 7.4
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.