CVE-2025-22891
EUVD-2025-303805.02.2025, 18:15
When BIG-IP PEM Control Plane listener Virtual Server is configured with Diameter Endpoint profile, undisclosed traffic can cause the Virtual Server to stop processing new client connections and an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| f5 | big-ip_policy_enforcement_manager | 15.1.0 ≤ 𝑥 < 15.1.10.6.0.11.6 |
| f5 | big-ip_policy_enforcement_manager | 16.1.0 ≤ 𝑥 < 16.1.5 |
| f5 | big-ip_policy_enforcement_manager | 17.1.0 ≤ 𝑥 < 17.1.2 |
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| f5 | big-ip | 17.1.0 ≤ 𝑥 < 17.1.2 | CNA |
| f5 | big-ip | 16.1.0 ≤ 𝑥 < 16.1.5 | CNA |
Common Weakness Enumeration