Primary

Context

F5 BIG-IP Traffic Management Microkernel Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in F5 BIG-IP systems when connection mirroring is enabled on a virtual server. Undisclosed requests can cause the Traffic Management Microkernel (TMM) to crash on standby BIG-IP systems within the same traffic group. This issue temporarily disrupts traffic redundancy in the BIG-IP cluster as the standby systems restart.

Impact

Exploitation of this vulnerability causes the TMM process to terminate and restart on affected standby BIG-IP systems, disrupting traffic management and temporarily reducing redundancy in the BIG-IP cluster.

Remediation

To address this vulnerability, BIG-IP users can upgrade to version 17.1.2.2. For more information about managing BIG-IP product hotfixes, refer to the F5 article K13123.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

7.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

7.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

F5 BIG-IP Traffic Management Microkernel Denial-of-Service Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating