{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-11T17:18:06.841","vulnerabilities":[{"cve":{"id":"CVE-2025-31644","sourceIdentifier":"f5sirt@f5.com","published":"2025-05-07T22:15:18.567","lastModified":"2025-10-21T18:42:36.423","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"When running in Appliance mode, a command injection vulnerability exists in an undisclosed iControl REST and BIG-IP TMOS Shell (tmsh) command which may allow an authenticated attacker with administrator role privileges to execute arbitrary system commands. A successful exploit can allow the attacker to cross a security boundary.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."},{"lang":"es","value":"Al ejecutarse en modo Appliance, existe una vulnerabilidad de inyección de comandos en un comando no revelado de iControl REST y BIG-IP TMOS Shell (tmsh), que podría permitir que un atacante autenticado con privilegios de administrador ejecute comandos arbitrarios del sistema. Una explotación exitosa puede permitir al atacante traspasar una barrera de seguridad. Nota: Las versiones de software que han alcanzado el fin del soporte técnico (EoTS) no se evalúan."}],"metrics":{"cvssMetricV40":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","subAvailabilityImpact":"LOW","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":5.8}]},"weaknesses":[{"source":"f5sirt@f5.com","type":"Secondary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.10.7","matchCriteriaId":"90F95346-79C4-47DF-B32F-E271483B15DD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.10.7","matchCriteriaId":"A20AA9F1-12A2-41BC-907A-E3BCFA7EA3CE"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.10.7","matchCriteriaId":"0A32A8D1-51DA-4809-A40E-485D1A3165BD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.10.7","matchCriteriaId":"76F07A61-62B9-479B-9292-CE2D381CF8BA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.10.7","matchCriteriaId":"5EF26442-8624-4BAE-9BA0-6261A48ECA3E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.10.7","matchCriteriaId":"5758E02E-B667-4C28-8470-422CD6B0B85E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.10.7","matchCriteriaId":"666ADDDB-A0C1-4647-B5BA-0352B6259EB0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.10.7","matchCriteriaId":"AEEBBE61-4525-414C-9425-1B2FB25FF9A4"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.10.7","matchCriteriaId":"8D713946-31BB-40EC-8E65-7FC41B95A676"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.10.7","matchCriteriaId":"E6DC3F0E-043C-4F2F-9E86-47B9AFFF27EF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.10.7","matchCriteriaId":"EF9A7584-3423-4A3F-B95B-8186DD0E0376"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.10.7","matchCriteriaId":"30D804D3-B5AA-49F8-A41C-636CB1C6C408"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.10.7","matchCriteriaId":"56DD991A-A748-4AAF-B611-AA3530C8E577"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.10.7","matchCriteriaId":"5F5FBC1A-FDFB-4056-9D31-8156CF159643"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.10.7","matchCriteriaId":"E08457C8-FC30-4C7B-8CB3-034DEFE1BD96"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.10.7","matchCriteriaId":"E23F45D6-F85C-482E-B202-07582E625189"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.10.7","matchCriteriaId":"C8603239-5BAB-4B68-A9AD-7B91B3493F1E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.10.7","matchCriteriaId":"12B753F7-FC67-4FBA-A903-7F475804577D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.10.7","matchCriteriaId":"6A98F9CC-8D1D-47AC-812B-45C6174D8493"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.10.7","matchCriteriaId":"C33F8DDF-1238-4079-A770-EDFBCF42F5F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"15.1.0","versionEndExcluding":"15.1.10.7","matchCriteriaId":"AC902698-630D-4ECC-AE88-3D2017C79072"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndExcluding":"16.1.6","matchCriteriaId":"304BAC5F-38E2-4629-A4B5-43F2F1AB9CB9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndExcluding":"16.1.6","matchCriteriaId":"859A0BFC-CD50-4482-967F-5816F8480B8F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndExcluding":"16.1.6","matchCriteriaId":"FB936160-C10D-4556-B5AF-C1BA12C38673"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndExcluding":"16.1.6","matchCriteriaId":"9C7A2C91-A997-4F82-A5C3-5F9943B1B6FC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndExcluding":"16.1.6","matchCriteriaId":"4E80DD1F-0A18-4536-B501-7B1740A49C68"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndExcluding":"16.1.6","matchCriteriaId":"A7B760A6-59A8-46E1-9CA1-23FA27982705"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndExcluding":"16.1.6","matchCriteriaId":"B105CC45-1A86-435D-A56F-AD664DA50F50"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndExcluding":"16.1.6","matchCriteriaId":"8CF5250B-484E-45CC-89B4-9459300DC6AE"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndExcluding":"16.1.6","matchCriteriaId":"050656BF-3203-4C95-BF15-C3D1A1A494DD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndExcluding":"16.1.6","matchCriteriaId":"3891240B-CB4D-4E2B-AE63-6BF22F3F4B4B"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndExcluding":"16.1.6","matchCriteriaId":"E6CDB335-7BA3-4BC8-B47A-CC46C5922449"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndExcluding":"16.1.6","matchCriteriaId":"7BE02E41-858F-4A18-9878-B9EA7D760470"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndExcluding":"16.1.6","matchCriteriaId":"E7215503-77B5-4D6B-8AB8-950B74A53AC6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndExcluding":"16.1.6","matchCriteriaId":"C191C32D-0788-4405-B484-331260ADDAD1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndExcluding":"16.1.6","matchCriteriaId":"5A7AF326-9537-480E-B9AF-E217638D7239"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndExcluding":"16.1.6","matchCriteriaId":"24009DF3-E5AE-42C8-8452-64839C4ED1E5"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndExcluding":"16.1.6","matchCriteriaId":"C7CA0D19-0DB0-4EEE-95D6-21E71E1583DB"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndExcluding":"16.1.6","matchCriteriaId":"39889DFE-E0C9-46B6-B4FD-EEB38AB3A2A4"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndExcluding":"16.1.6","matchCriteriaId":"ECD0333F-74B6-4438-BE6B-7B35304F8065"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndExcluding":"16.1.6","matchCriteriaId":"74D5E3BC-68DB-4190-80AC-526F788483C9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndExcluding":"16.1.6","matchCriteriaId":"AC9024C0-1CD3-4D21-B57E-953525E37A22"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndExcluding":"17.1.2.2","matchCriteriaId":"82CB65BA-537C-4D9B-B13B-2BDD09F341F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndExcluding":"17.1.2.2","matchCriteriaId":"19319242-7A85-4FFF-AD8F-08BEE84CA86F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndExcluding":"17.1.2.2","matchCriteriaId":"7C2E4A77-3825-4678-8E35-466E5C799ECF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndExcluding":"17.1.2.2","matchCriteriaId":"369E542B-7A37-4C8F-9B84-1A01237915AC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndExcluding":"17.1.2.2","matchCriteriaId":"735CE14F-E69F-4EBE-B5CC-20A7465A92FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndExcluding":"17.1.2.2","matchCriteriaId":"6F118E82-BDA3-4DB6-8133-F5D9919CDAF3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndExcluding":"17.1.2.2","matchCriteriaId":"855D5E18-2BD4-47FB-AD46-688159A254C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndExcluding":"17.1.2.2","matchCriteriaId":"BAD38915-4D18-47C4-B217-43B966F21676"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndExcluding":"17.1.2.2","matchCriteriaId":"AD47B7A9-34D7-4853-9DF3-7CB3ABCC4033"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndExcluding":"17.1.2.2","matchCriteriaId":"8DCDFCD9-CB18-449D-8DC3-1F6FD9DE977F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndExcluding":"17.1.2.2","matchCriteriaId":"471B3260-70CD-4A9D-9017-C3DD311BB86E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndExcluding":"17.1.2.2","matchCriteriaId":"078F13E4-20AC-45A1-9759-67450F1E0FC0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndExcluding":"17.1.2.2","matchCriteriaId":"322D2910-E25D-408B-B72E-2796D597340D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndExcluding":"17.1.2.2","matchCriteriaId":"B9BEAA3B-59FD-4FDC-9039-542D19B26648"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndExcluding":"17.1.2.2","matchCriteriaId":"CE4DC393-D404-4F6C-B551-759558510719"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndExcluding":"17.1.2.2","matchCriteriaId":"75492B9E-FC4D-47CD-8523-DA0103956C72"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndExcluding":"17.1.2.2","matchCriteriaId":"038EC267-7992-4A9B-8A25-DABB152C51B8"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndExcluding":"17.1.2.2","matchCriteriaId":"8E93A5C2-5E03-4D09-BA51-EC353CBCDCCC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndExcluding":"17.1.2.2","matchCriteriaId":"31882F94-D9C4-43F1-ACEE-57AD042459DA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndExcluding":"17.1.2.2","matchCriteriaId":"B182998B-1A34-4339-966B-16341DE9D752"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndExcluding":"17.1.2.2","matchCriteriaId":"A5CB7038-304C-4332-B079-7C23FC73BD20"}]}]}],"references":[{"url":"https://my.f5.com/manage/s/article/K000148591","source":"f5sirt@f5.com","tags":["Vendor Advisory"]}]}}]}