F5 BIG-IP Advanced WAF
Easy fix5 remedies
cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*
Easy fix5 remedies
- >= 17.5.0, <= 17.5.1
- >= 17.1.0, <= 17.1.2
- >= 16.1.0, <= 16.1.6
- >= 15.1.0, <= 15.1.10
F5 BIG-IP Advanced WAF and ASM Denial-of-Service Vulnerability
Vulnerability
Patched
A denial-of-service vulnerability has been identified in F5 BIG-IP Advanced WAF and BIG-IP ASM. When a security policy is applied to a virtual server and is configured with a JSON content profile that contains a malformed JSON schema, certain undisclosed requests can lead to the termination of the 'bd' process. This disruption causes a temporary traffic interruption while the process restarts.
Impact
Exploitation of this vulnerability causes the 'bd' process to terminate, disrupting traffic until the process is restarted, thereby causing a denial-of-service condition on the BIG-IP system.
Remediation
Users can upgrade to BIG-IP versions 17.5.1.3, 17.1.3, 16.1.6.1, or 15.1.10.8 to address this vulnerability. For more information about F5 hotfixes and point releases, refer to the F5 BIG-IP hotfix and point release matrix.
Added: Oct 15, 2025, 2:34 PM
Updated: Oct 15, 2025, 2:34 PM
Vulnerability Rating
Custom Algorithm
spread
5.2impact
2.5exploitability
7.6remediation
7.9relevance
0.7threat
0.0urgency
2.9incentive
5.8Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.