CVE-2025-43878

When running in Appliance mode, an authenticated attacker assigned the Administrator or Resource Administrator role may be able to bypass Appliance mode restrictions utilizing system diagnostics tcpdump command utility on a F5OS-C/A system.



Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6 MEDIUM
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
f5CNA
6 MEDIUM
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 10%
VendorProductVersion
f5f5os-a
1.5.1 ≤
𝑥
< 1.8.0
f5f5os-c
1.6.0 ≤
𝑥
≤ 1.6.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://my.f5.com/manage/s/article/K000139502