Skip to main content

Big Ip Application Security Manager CVE-2026-22548

MEDIUM
Race Condition (CWE-362)
2026-02-04 f5sirt@f5.com
5.9
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.9 MEDIUM
AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 21:54 vuln.today
CVE Published
Feb 04, 2026 - 15:16 nvd
MEDIUM 5.9

DescriptionCVE.org

When a BIG-IP Advanced WAF or ASM security policy is configured on a virtual server, undisclosed requests along with conditions beyond the attacker's control can cause the bd process to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

AnalysisAI

BIG-IP Advanced WAF and ASM experience denial of service when processing specific requests under certain conditions, causing the bd process to terminate and disrupting security policy enforcement. An unauthenticated remote attacker can trigger this crash without user interaction, though exploitation requires specific timing and environmental factors. No patch is currently available for affected versions.

Technical ContextAI

Classified as CWE-362 (Race Condition). Affects Big-Ip Advanced Web Application Firewall. When a BIG-IP Advanced WAF or ASM security policy is configured on a virtual server, undisclosed requests along with conditions beyond the attacker's control can cause the bd process to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

RemediationAI

Monitor vendor advisories for a patch. Restrict network access to the affected service where possible.

CVE-2012-1493 HIGH POC
7.8 Jul 09

F5 BIG-IP appliances 9.x before 9.4.8-HF5, 10.x before 10.2.4, 11.0.x before 11.0.0-HF2, and 11.1.x before 11.1.0-HF3, a

CVE-2015-3628 CRITICAL POC
9.0 Dec 07

The iControl API in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.0 before 11.5.3 HF2 and 11.6.

CVE-2015-7547 HIGH POC
8.1 Feb 18

Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C

CVE-2014-2928 HIGH POC
7.1 May 12

The iControl API in F5 BIG-IP LTM, APM, ASM, GTM, Link Controller, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.5

CVE-2016-9244 HIGH POC
7.5 Feb 09

A BIG-IP virtual server configured with a Client SSL profile that has the non-default Session Tickets option enabled may

CVE-2025-20029 HIGH
8.7 Feb 05

F5 BIG-IP contains an authenticated command injection in the iControl REST API and TMOS Shell (tmsh) save command. Authe

CVE-2023-46747 CRITICAL POC
9.8 Oct 26

Undisclosed requests may bypass configuration utility authentication, allowing an attacker with network access to the BI

CVE-2022-1388 CRITICAL POC
9.8 May 05

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13

CVE-2021-22986 CRITICAL POC
9.8 Mar 31

On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, and 12.

CVE-2022-41622 HIGH POC
8.8 Dec 07

In all versions, BIG-IP and BIG-IQ are vulnerable to cross-site request forgery (CSRF) attacks through iControl SOAP. Ra

CVE-2022-41800 HIGH POC
8.7 Dec 07

In all versions of BIG-IP, when running in Appliance mode, an authenticated user assigned the Administrator role may be

CVE-2016-5700 CRITICAL POC
9.8 Oct 03

Virtual servers in F5 BIG-IP systems 11.5.0, 11.5.1 before HF11, 11.5.2, 11.5.3, 11.5.4 before HF2, 11.6.0 before HF8, 1

Share

CVE-2026-22548 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy