8.7

CVE-2025-41430

BIG-IP SSL Orchestrator vulnerability

When BIG-IP SSL Orchestrator is enabled, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. 


Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
F5Big-ip Ssl Orchestrator Version >= 15.1.0 <= 15.1.9
F5Big-ip Ssl Orchestrator Version >= 16.1.0 < 16.1.4
F5Big-ip Ssl Orchestrator Version >= 17.1.0 < 17.1.3
F5Big-ip Ssl Orchestrator Version17.5.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.32% 0.235
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
f5sirt@f5.com 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
f5sirt@f5.com 8.7 0 0
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CWE-770 Allocation of Resources Without Limits or Throttling

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

https://my.f5.com/manage/s/article/K000150667
Vendor Advisory