{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-21T18:53:33.266","vulnerabilities":[{"cve":{"id":"CVE-2025-36557","sourceIdentifier":"f5sirt@f5.com","published":"2025-05-07T22:15:20.087","lastModified":"2025-08-06T18:14:59.580","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"When an HTTP profile with the Enforce RFC Compliance option is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."},{"lang":"es","value":"Cuando se configura un perfil HTTP con la opción \"Exigir cumplimiento de RFC\" en un servidor virtual, las solicitudes no divulgadas pueden provocar la finalización del microkernel de gestión de tráfico (TMM). Nota: Las versiones de software que han alcanzado el fin del soporte técnico (EoTS) no se evalúan."}],"metrics":{"cvssMetricV40":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"LOW","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"f5sirt@f5.com","type":"Secondary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndExcluding":"16.1.5","matchCriteriaId":"1A235DA1-7C50-49A5-A874-7FA00EA8B7D9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndExcluding":"17.1.2","matchCriteriaId":"0714D37A-AC59-4482-9BD7-CB676A1959F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndExcluding":"16.1.5","matchCriteriaId":"2B8910E0-3AC4-4FEE-8BA0-8E592F546B4C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndExcluding":"17.1.2","matchCriteriaId":"A4874706-6BD1-4C18-86CB-C3B76B0879FF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndExcluding":"16.1.5","matchCriteriaId":"AF371739-2974-49F4-95BE-109ED6007A9F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndExcluding":"17.1.2","matchCriteriaId":"CAC60D99-A5D4-475A-BCE8-88A17B4885C2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndExcluding":"16.1.5","matchCriteriaId":"87E768C7-28EC-4999-8822-C8CE7EEE2270"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndExcluding":"17.1.2","matchCriteriaId":"2D75CF39-46A1-4F08-A70C-C3EAAB751C56"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndExcluding":"16.1.5","matchCriteriaId":"E9697B71-CD20-42EF-8E6C-8C11FC84BE4C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndExcluding":"17.1.2","matchCriteriaId":"993D544C-2F40-45E2-AD10-D4D7DFA9ADC0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndExcluding":"16.1.5","matchCriteriaId":"A72B6A1F-492B-48D7-8F90-717CFAE9E0A0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndExcluding":"17.1.2","matchCriteriaId":"62F12552-6772-4694-B5F7-431DFF7CAA6F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndExcluding":"16.1.5","matchCriteriaId":"6AF9FDCB-A975-4A4E-8F58-C1E830E6836D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndExcluding":"17.1.2","matchCriteriaId":"03DC961D-DB46-4C7C-8879-93A076910BD4"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndExcluding":"16.1.5","matchCriteriaId":"14043026-1D70-46F9-BBA7-93460ACCB76A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndExcluding":"17.1.2","matchCriteriaId":"6C6A98FC-AFEA-48CD-BD05-4F501BB21AA6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndExcluding":"16.1.5","matchCriteriaId":"8C260295-74F2-402C-B25E-3EDADF221A29"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndExcluding":"17.1.2","matchCriteriaId":"C2AD36E2-889D-4E42-B617-F8F59F2ACC64"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndExcluding":"16.1.5","matchCriteriaId":"AD9977B4-1808-4706-A98A-6BDF124773B0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndExcluding":"17.1.2","matchCriteriaId":"D2D701A7-F1AE-4772-889A-441C3389FB01"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndExcluding":"16.1.5","matchCriteriaId":"A0286214-6B81-45FB-8113-B5A9A1B4BEC7"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndExcluding":"17.1.2","matchCriteriaId":"9FB55C74-396E-4AA0-8038-22C14BE0E91B"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_next_cloud-native_network_functions:*:*:*:*:*:*:*:*","versionStartIncluding":"1.1.0","versionEndExcluding":"1.4.0","matchCriteriaId":"6D1E7119-B744-420E-8D23-951943D04E96"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_next_service_proxy_for_kubernetes:*:*:*:*:*:*:*:*","versionStartIncluding":"1.7.0","versionEndExcluding":"1.7.9","matchCriteriaId":"C2CC427B-7ED3-4C7C-8741-178A523F4ABD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_next_service_proxy_for_kubernetes:*:*:*:*:*:*:*:*","versionStartIncluding":"1.8.0","versionEndIncluding":"1.9.2","matchCriteriaId":"9A23DCD3-8702-4950-99A5-6BBE45512D9D"}]}]}],"references":[{"url":"https://my.f5.com/manage/s/article/K000139571","source":"f5sirt@f5.com","tags":["Vendor Advisory"]}]}}]}