CVE-2025-54858— BIG-IP Advanced WAF and ASM vulnerability

BIG-IP Advanced WAF and ASM vulnerability

When a BIG-IP Advanced WAF or BIG-IP ASM Security Policy is configured with a JSON content profile that has a malformed JSON schema, and the security policy is applied to a virtual server, undisclosed requests can cause the bd process to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

未经控制的递归

F5 BIG-IP 安全漏洞

F5 BIG-IP是美国F5公司的一款集成了网络流量管理、应用程序安全管理、负载均衡等功能的应用交付平台。 F5 BIG-IP存在安全漏洞，该漏洞源于JSON内容配置文件中存在格式错误的JSON模式，可能导致bd进程终止。

N/A

N/A