CVE-2025-61938 in F5 BIG-IP Advanced WAF ASMinfo

Summary

When a BIG-IP Advanced WAF or ASM security policy is configured with a URL greater than 1024 characters in length for the Data Guard Protection Enforcement setting, either manually or through the automatic Policy Builder, the bd process can terminate repeatedly. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Reservation

10/04/2025

Disclosure

10/15/2025

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
328682	F5 BIG-IP Advanced WAF ASM URL improper validation of specified quantity in input	1284	Not defined	Official fix	CVE-2025-61938

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

◂ PreviousOverviewNext ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!