Detections
Analytics

F5 Networks BIG-IP : BIG-IP AFM security exposure (K000150010)

high Nessus Plugin ID 270594

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3 / 17.5.1.1. It is, therefore, affected by a vulnerability as referenced in the K000150010 advisory.

 After a reboot, the BIG-IP AFMipsdprocess may unexpectedly fail to enforce the Intrusion Prevention System (IPS) signatures configured for protocol inspection profiles. This condition can persist for some time even though the system reports the protocol inspection profiles asREADY.This issue occurs when all of the following conditions are met:The user configured a significant number of protocol inspection profiles, each with one or more services enabled.The user assigned these protocol inspection profiles to one or more virtual servers and saved the configuration.The BIG-IP AFM system was subsequently rebooted, including manual or unexpected reboots.

Tenable has extracted the preceding description block directly from the F5 Networks BIG-IP security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to one of the non-vulnerable versions listed in the F5 Solution K000150010.

See Also

https://my.f5.com/manage/s/article/K000150010

Plugin Details

Severity: High

ID: 270594

File Name: f5_bigip_SOL000150010.nasl

Version: 1.1

Type: local

Published: 10/15/2025

Updated: 10/15/2025

Supported Sensors: Nessus

Vulnerability Information

CPE: cpe:/a:f5:big-ip_advanced_firewall_manager, cpe:/h:f5:big-ip

Required KB Items: Host/local_checks_enabled, Host/BIG-IP/hotfix, Host/BIG-IP/modules, Host/BIG-IP/version

Exploit Ease: No known exploits are available

Patch Publication Date: 10/15/2025

Vulnerability Publication Date: 10/15/2025