CVE-2025-59268
📋 TL;DR
Undisclosed endpoints in the BIG-IP Configuration utility return static, non-sensitive information to an unauthenticated remote attacker. The issue affects BIG-IP systems running the supported software versions listed in K90301300. The exposed data does not by itself compromise the device, but it can help an attacker fingerprint the system during reconnaissance.
💻 Affected Systems
- F5 BIG-IP
📦 What is this software?
- BIG-IP Advanced Web Application Firewall (Advanced WAF) by F5
- BIG-IP Application Acceleration Manager (AAM) by F5
- BIG-IP Application Security Manager (ASM) by F5
- BIG-IP Application Visibility and Reporting (AVR) by F5
⚠️ Risk & Real-World Impact
Worst Case
Attackers could gather information about system configuration or endpoints that might facilitate further attacks, though the exposed information is described as non-sensitive.
Likely Case
Information disclosure that could help attackers map the system or identify potential attack vectors, but no direct system compromise.
If Mitigated
Minimal. The information is non-sensitive, and restricting the Configuration utility to trusted management networks removes the unauthenticated access path entirely.
🎯 Exploit Status
Exploitation requires no authentication: an attacker who can reach the Configuration utility over the network simply requests the affected endpoints, which F5 has not disclosed. Any BIG-IP whose Configuration utility is exposed to untrusted networks should be treated as reachable.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Check K90301300 for specific fixed versions
Vendor Advisory: https://my.f5.com/manage/s/article/K90301300
Restart Required: Yes. A BIG-IP software upgrade installs the fixed version into a boot location and the system must be rebooted into it.
Instructions:
1. Review the K90301300 advisory for the fixed versions of your branch.
2. Identify your running BIG-IP version (see How to Verify below).
3. Upgrade to a fixed version per the advisory and reboot into the new boot location.
4. Confirm the Configuration utility is reachable only from trusted management networks.
🔧 Temporary Workarounds
Restrict Configuration Utility Access
Limit network access to the Configuration utility to trusted IP addresses only, using the httpd allow list for the management port and self IP port lockdown (allow-service none or a custom list that excludes tcp:443) so the utility is not reachable on traffic-side self IPs.
Configure firewall rules in front of the BIG-IP to restrict access to its management interfaces.
🧯 If You Can't Patch
- Implement strict network segmentation to isolate BIG-IP management interfaces
- Monitor access logs to the Configuration utility for unauthorized attempts
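The following script applies the source-address restriction described under Temporary Workarounds with tmsh. It is an added example, not code from F5 or from the advisory. The two controls it uses, `sys httpd allow` (the source list for the management web server) and the self IP `allow-service` port lockdown, are documented F5 settings; the self IP name `external-self` and the trusted networks passed at the bottom are illustrative assumptions.

```shell
#!/bin/sh
# Added example, not F5's own code: restrict Configuration utility access to
# trusted source networks with tmsh. "sys httpd allow" and self IP
# "allow-service" are documented F5 controls; the self IP name "external-self"
# and the networks passed below are illustrative assumptions, not values from
# the advisory.

# Accept a dotted quad with an optional /prefix. Rejecting anything else stops
# a typo such as "all" from silently opening the allow list to every source.
valid_cidr() {
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}(/([0-9]|[12][0-9]|3[0-2]))?$'
}

# Build (but do not run) the tmsh command that replaces the httpd allow list.
# Kept separate so it can be reviewed or tested without a BIG-IP at hand.
build_httpd_allow_cmd() {
    printf 'modify /sys httpd allow replace-all-with { %s }' "$*"
}

# Run a tmsh command when tmsh is present (i.e. on the BIG-IP); otherwise
# print it as a dry run so the script is safe to run from a workstation.
run_tmsh() {
    if command -v tmsh >/dev/null 2>&1; then
        tmsh $1
    else
        printf 'dry-run: tmsh %s\n' "$1"
    fi
}

# lockdown_config_utility <self-ip-name> <trusted-cidr>...
lockdown_config_utility() {
    self_ip=$1; shift
    [ $# -gt 0 ] || { echo "refusing to apply an empty allow list" >&2; return 1; }
    for net in "$@"; do
        valid_cidr "$net" || { echo "bad network: $net" >&2; return 1; }
    done
    # 1. Management port httpd: only the listed sources may reach the
    #    Configuration utility (and iControl REST, which shares httpd).
    run_tmsh "$(build_httpd_allow_cmd "$@")" || return 1
    # 2. Self IPs: "none" blocks tcp/443 and every other service on the
    #    traffic-side address, so the utility is reachable only through the
    #    management interface.
    run_tmsh "modify /net self $self_ip allow-service none" || return 1
    run_tmsh "save /sys config" || return 1
    # 3. Show the resulting allow list for verification.
    run_tmsh "list /sys httpd allow"
}

lockdown_config_utility external-self 10.0.10.0/24 192.0.2.50
```

Run it on the BIG-IP as an administrative user; off-box it only prints the commands it would issue. Replace the self IP name and networks with your own, and keep at least one address you can reach the device from in the allow list before saving.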
🔍 How to Verify
Check if Vulnerable:
F5 has not published the affected endpoints, so the practical check is by version: compare the running version against the fixed versions in K90301300, and confirm whether the Configuration utility is reachable from untrusted networks.
Check Version:
tmsh show sys version
Verify Fix Applied:
After upgrading, confirm that the running version is one of the fixed versions in K90301300 and that the Configuration utility is reachable only from trusted addresses.
📡 Detection & Monitoring
Log Indicators:
- Unauthenticated access attempts to Configuration utility endpoints
- Unusual request patterns to management interfaces
Network Indicators:
- Unusual traffic to BIG-IP management ports from untrusted sources
SIEM Query (pseudo-syntax; the Configuration utility is served under /tmui/ and iControl REST under /mgmt/):
source_ip NOT IN trusted_networks AND dest_port IN (443, 8443) AND (uri_path STARTSWITH "/tmui/" OR uri_path STARTSWITH "/mgmt/")
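The same check, run locally over BIG-IP httpd access log lines, as an added example that is not part of the original page or of F5's tooling. The log lines are constructed in Apache combined format, the layout of /var/log/httpd/httpd_access_log on BIG-IP; the client addresses, paths and trusted networks are assumptions, and /tmui/ and /mgmt/ stand in for the management paths rather than the undisclosed endpoints from the advisory.

```shell
#!/bin/sh
# Added example (not from the page or from F5): flag requests to management
# paths from clients outside the trusted networks. SAMPLE_LOG is constructed
# test data in Apache combined format; addresses, paths and networks are
# assumptions. /tmui/ (Configuration utility) and /mgmt/ (iControl REST) are
# used as the management prefixes, not the undisclosed endpoints.

SAMPLE_LOG='10.0.10.7 - - [13/Oct/2025:09:12:01 +0000] "GET /tmui/login.jsp HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.23 - - [13/Oct/2025:09:12:05 +0000] "GET /tmui/login.jsp HTTP/1.1" 200 5120 "-" "curl/8.4.0"
198.51.100.23 - - [13/Oct/2025:09:12:06 +0000] "GET /mgmt/tm/sys/version HTTP/1.1" 401 95 "-" "curl/8.4.0"
203.0.113.9 - - [13/Oct/2025:09:13:00 +0000] "GET /index.html HTTP/1.1" 404 196 "-" "python-requests/2.31"
10.0.10.200 - - [13/Oct/2025:09:14:10 +0000] "POST /mgmt/shared/authn/login HTTP/1.1" 200 512 "-" "Mozilla/5.0"'

# flag_untrusted_mgmt "<cidr> [<cidr>...]" < access_log
# Prints "client path status" for every request to a management path whose
# client is outside all trusted networks. CIDR matching uses plain awk
# arithmetic (no gawk-only bit operators), so it runs on the BIG-IP itself.
flag_untrusted_mgmt() {
    awk -v trusted="$1" '
    function ip2int(ip,    o) {
        split(ip, o, ".")
        return ((o[1] * 256 + o[2]) * 256 + o[3]) * 256 + o[4]
    }
    # Compare network bits by dividing out the host bits (2^(32-prefix)).
    function in_cidr(ip, cidr,    p, host) {
        split(cidr, p, "/")
        host = 2 ^ (32 - (p[2] == "" ? 32 : p[2] + 0))
        return int(ip2int(ip) / host) == int(ip2int(p[1]) / host)
    }
    BEGIN { n = split(trusted, t, " ") }
    {
        client = $1; path = $7; status = $9
        if (path !~ /^\/(tmui|mgmt)\//) next      # not a management path
        for (i = 1; i <= n; i++) if (in_cidr(client, t[i])) next
        print client, path, status
    }'
}

# Wrapper over the constructed sample so the result can be checked directly.
demo_flags() {
    printf '%s\n' "$SAMPLE_LOG" | flag_untrusted_mgmt "10.0.10.0/24 192.0.2.50"
}

demo_flags
```

On a real system feed the live log instead of the sample: `flag_untrusted_mgmt "10.0.10.0/24" < /var/log/httpd/httpd_access_log`. Only the two requests from 198.51.100.23 are reported; the 404 from 203.0.113.9 is skipped because it never touched a management path, and the trusted 10.0.10.0/24 clients are skipped regardless of path.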