CVE-2025-53521
Published Oct 15, 2025
Last updated a month ago
AI description
CVE-2025-53521 is a vulnerability affecting F5 BIG-IP Access Policy Manager (APM) systems when an access policy is configured on a virtual server. The flaw, categorized as CWE-770 (Allocation of Resources Without Limits or Throttling), allows undisclosed or specially crafted traffic to cause the Traffic Management Microkernel (TMM) process to terminate. This termination of the TMM process results in a disruption of all traffic handled by the BIG-IP device until the process restarts. The vulnerability can be exploited remotely by an unauthenticated attacker, leading to a denial-of-service condition on the BIG-IP APM system.
- Description
- When a BIG-IP APM access policy is configured on a virtual server, specific malicious traffic can lead to Remote Code Execution (RCE). Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
- Source
- f5sirt@f5.com
- NVD status
- Analyzed
- Products
- big-ip_access_policy_manager
CVSS 4.0
- Type
- Secondary
- Base score
- 9.3
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- CRITICAL
CVSS 3.1
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
Data from CISA
- Vulnerability name
- F5 BIG-IP Unspecified Vulnerability
- Exploit added on
- Mar 27, 2026
- Exploit action due
- Mar 30, 2026
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- f5sirt@f5.com
- CWE-121
- Hype score
- Not currently trending
Approximately a month ago, F5 published advisory on malware deployed to BIG-IP systems vulnerable to CVE-2025-53521. #ESETresearch discovered two related malware components on VirusTotal and named the threat #PoisonedRefresh. 1/6 https://t.co/OfekbKd8a9
@ESETresearch
24 Apr 2026
4119 Impressions
12 Retweets
36 Likes
15 Bookmarks
1 Reply
1 Quote
🚨 [CRITICAL] Critical RCE Vulnerability in F5 BIG-IP Access Policy Manager Under Active Exploitation The UK NCSC has issued an urgent advisory regarding CVE-2025-53521, an unauthenticated remote code execution vulnerability affecting F5 BIG-IP Access Policy Manager (APM). htt
@HalluG76811
21 Apr 2026
136 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
F5 BIG-IP 긴급 패치, CVE-2025-53521 (출처 : 기록 | https://t.co/4mrWqpidcJ 블로그) https://t.co/nVerHLLeB7
@J_zjaan7946
17 Apr 2026
157 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔒 #CyberSecurity CVE-2025-53521: F5 BIG-IP Unauthenticated RCE — Detection and Emergency Hardeni… "On March 27, 2026, CISA added CVE-2025-53521 to its Known Exploited Vulnerabilities (KEV)…" 🔗 https://t.co/MhFNGwwQQi #CyberSecurity #ThreatIntel #vulnerability #cve
@SecurityAr58409
15 Apr 2026
68 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔒 #CyberSecurity Immediate Action Required: Patching F5 BIG-IP APM Against CVE-2025-53521 "The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security…" 🔗 https://t.co/50qmp9rWtt #CyberSecurity #ThreatIntel #vulnerability #cve #patch
@SecurityAr58409
15 Apr 2026
49 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔒 #CyberSecurity Urgent: Defending Against Active Exploitation of F5 BIG-IP APM (CVE-2025-53521) "The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has sounded the alarm by…" 🔗 https://t.co/KdSlD7OTQ2 #CyberSecurity #ThreatIntel #vulnerability #cve #pat
@SecurityAr58409
15 Apr 2026
46 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
F5 has updated its security advisory for a vulnerability impacting BIG-IP APM that was originally disclosed in October 2025 (CVE-2025-53521). Learn more in our latest security bulletin: https://t.co/jmxqUJFEdG
@ChannelSkell
14 Apr 2026
89 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
ثـ ـغرة CVE-2025-53521 في F5 BIG-IP APM تدخل قائمة CISA للثـ ـغرات المستغلة التفاصيل .. https://t.co/Q3M9WECM7s #مركز_الأمن_السيبراني_للابحاث_والدراسات https://t.co/UQ4lP3M55S
@ccforrs
10 Apr 2026
118 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-53521: 2025 vuln, 2026 RCE reclassification, active exploitation. 14K BIG-IP APM instances still on internet. F5 publishes IOCs and says "rebuild." When the vendor says rebuild, patching is theater. Your appliance is compromised. Question: why was it exposed?
@CisoRaging77913
10 Apr 2026
119 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
F5 BIG-IP APM の RCE 脆弱性 CVE-2025-53521:実環境での積極的な悪用を確認 https://t.co/zwywf9Dtu3 この問題の原因は、脆弱性 CVE-2025-53521 に対する初期の分類が、サービス拒否 (DoS) とされていた点にあります。一般的に、
@iototsecnews
10 Apr 2026
198 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
F5 has updated its security advisory regarding a vulnerability affecting BIG-IP APM that was originally disclosed in October 2025 (CVE-2025-53521). For more information, please see our latest security bulletin: https://t.co/ZJHoVjPYXs
@rfrumm
8 Apr 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ **Vulnerability Alert:** F5 BIG-IP Access Policy Manager Stack-based Buffer Overflow (CVE-2025-53521) — Actively Exploited RCE 📅 **Timeline:** Disclosure: 2025-04-08, Patch: 2025-04-08 🆔 **CVE-2025-53521** | 📊 CVSS: 9.8 (CRITICAL 🔴) | 📈 EPSS: 97.39% 🛠
@syedaquib77
8 Apr 2026
123 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
統合版 JPCERT/CC | Weekly Report: F5 BIG-IP Access Policy Managerの脆弱性(CVE-2025-53521)に関する注意喚起 https://t.co/Qf7Ag9QiAK #itsec_jp
@itsec_jp
8 Apr 2026
158 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ Stop scrolling if your company uses F5 BIG-IP APM Critical flaw CVE-2025-53521 is now on CISA’s KEV list—and already exploited. Attackers can run code remotely, steal data, and take over systems. Patch immediately. Don’t wait.
@TheCyberse46292
7 Apr 2026
111 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Edge infrastructure is failing first — again. CISA just added two critical flaws to the KEV catalog: • Citrix NetScaler CVE-2026-3055 (memory overread via SAML IdP) • F5 BIG-IP APM CVE-2025-53521 (unauthenticated RCE) Both are actively exploited. New article → htt
@ByteVanguardSec
7 Apr 2026
113 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
F5 hat seinen Sicherheitshinweis zu einer Sicherheitslücke aktualisiert, die BIG-IP APM betrifft und ursprünglich im Oktober 2025 bekannt gegeben wurde (CVE-2025-53521). Weitere Informationen finden Sie in unserem aktuellen Sicherheitsbulletin: https://t.co/ZBCqQ0TS2E
@rfrumm
7 Apr 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Attackers are actively exploiting CVE-2025-53521, a critical RCE in F5 BIG-IP APM, with Shadowserver identifying over 14,000 exposed instances globally after the flaw was reclassified from DoS to remote code execution and added to CISA’s KEV catalog. https://t.co/sNWUY2Y65O
@VivekIntel
6 Apr 2026
165 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
CISA flags active F5 BIG-IP exploit. 🔗 https://t.co/SMp0zi7QPO CVE-2025-53521 enables unauthenticated remote code execution and full system compromise. KEV listing means urgent patching is required. #MADSecurity #CISA #Cybersecurity #VulnerabilityManagement
@MADSecurityLLC
6 Apr 2026
119 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ Threat Update: F5 BIG-IP APM RCE Exploitation (CVE-2025-53521) 📝 Key Updates Summary: NEW: CVE-2025-53521 was reclassified in Mar 2026 from DoS to unauthenticated RCE and added to CISA's KEV (3/27/2026) with a federal remediation directive. NEW: Shadowserver snapshots
@syedaquib77
6 Apr 2026
151 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
【F5 BIG-IP APMの重大RCE、14,000超がなお露出】 F5 BIG-IP APMのRCE脆弱性 CVE-2025-53521 はすでに悪用が確認されており、なお14,000台超の公開インスタンスが残っていると報じられています。 未認証RCEにつながる深刻な
@01ra66it
6 Apr 2026
276 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
⚠️ Threat Update: Active Exploitation of CVE-2025-53521 Against F5 BIG-IP APM 📝 Key Updates Summary: NEW: 2026-04-06 incoming report corroborates active exploitation of CVE-2025-53521 and provides a Shadowserver exposure snapshot (~14,100 exposed APM fingerprints across
@syedaquib77
6 Apr 2026
128 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Attackers Exploit RCE Flaw as 14,000 F5 BIG-IP APM Instances Remain Exposed: Over 14,000 F5 BIG-IP APM instances remain exposed online, as attackers actively exploit a critical remote code execution flaw CVE-2025-53521. Over 14,000 F5 BIG-IP APM… https://t.co/zpLPylrt46 https:/
@shah_sheikh
6 Apr 2026
113 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[Security Affairs] Attackers Exploit RCE Flaw as 14,000 F5 BIG-IP APM Instances Remain Exposed. Over 14,000 F5 BIG-IP APM instances remain exposed online, as attackers actively exploit a critical remote code execution flaw CVE-2025-53521. Over 14,000... https://t.co/sqwmBHZnU3
@shah_sheikh
6 Apr 2026
108 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
turns into an actively exploited F5 BIG-IP APM… (CVE-2025-53521) is a good reminder that this vulnerability can turn edge and identity infrastructure into a much bigger remote code execution problem. For defenders, the priority is to validate exposure, watch for suspic…
@SocXAInvaders
6 Apr 2026
137 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
turns into an actively exploited F5 BIG-IP APM… (CVE-2025-53521) is a vulnerability story defenders should take serious… F5 has reclassified the vulnerability from a denial of service issue to remote code execution , confirmed exp…
@fynn_JourX
6 Apr 2026
136 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
For defenders, cve-2025-53521 turns into an actively exploited f5 big-ip apm r… should move fast. F5 reclassified CVE-2025-53521 from DoS to remote code execution, CISA added it to KEV, and… 🔗 Details → https://t.co/ivyyW0SUmB
@SocXAInvaders
6 Apr 2026
133 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Legacy exposure keeps paying off for attackers. CVE-2025-53521 turns into an actively exploited F5 BIG-IP… F5 reclassified CVE-2025-53521 from DoS to remote code execution, CISA added it to KEV, and… 🔗 Read → https://t.co/qAubleY76J
@fynn_JourX
6 Apr 2026
132 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
turns into an actively exploited F5 BIG-IP APM… (CVE-2025-53521) deserves defender attention because this vulnerability… F5 has reclassified the vulnerability from a denial of service issue to remote code execution , confirmed exp…
@lucasverdan
6 Apr 2026
159 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛑 CVE-2025-53521 turns into an actively exploited F5 BIG-IP APM RCE F5 reclassified CVE-2025-53521 from DoS to remote code execution, CISA added it to KEV, and… 🔗 Details → https://t.co/TUf0xBbEnS
@lucasverdan
6 Apr 2026
136 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🖋️ CISA Adds CVE-2025-53521 to KEV After Active F5 BIG-IP APM Exploitation 🖋️ The U.S. Cybersecurity and Infrastructure Security Agency CISA on Friday added a critical security flaw impacting F5 BIGIP Access Policy Manager APM to its Known Exploited Vulnerabilities KEV
@zeeshankghouri
5 Apr 2026
216 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Vulnerabilidad crítica CVE-2025-53521 en F5 BIG-IP APM fue añadida al catálogo CISA KEV,explotación activa. Permite Ejecución Remota de Código (RCE) sin autenticación,compromiso total del sistema. Se recomienda parcheo inmediato, revisión de logs y refuerzo de la monitori
@nodoware_news
4 Apr 2026
189 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-53521: Critical F5 BIG-IP APM RCE exploited on 14k+ instances. Patch now! https://t.co/AC3AJMx7bQ
@TheRabbitPy
3 Apr 2026
76 Impressions
4 Retweets
6 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨 Threat Alert: **F5 BIG-IP APM Unauthenticated RCE Exploitation (CVE-2025-53521)** 📅 Date: 2026-04-03 📆 Timeline: 2026-03-31: Shadowserver fingerprinted ~17,100 exposed BIG‑IP APM instances. 2026-04-03: Public reporting and vendor advisories; CISA added the flaw to
@syedaquib77
3 Apr 2026
191 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ Threat Update: CVE-2025-53521 F5 BIG-IP APM RCE Exploitation 📝 Key Updates Summary: **UPDATE:** New 2026-04-03 reporting corroborates active exploitation of CVE-2025-53521 against internet-facing F5 BIG-IP APM appliances and adds a public reference plus an exposure sna
@syedaquib77
3 Apr 2026
166 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-53521 in F5 BIG-IP APM reclassified from DoS to critical RCE after active exploitation emerged. Over 14,000 systems still unpatched. CISA added to KEV catalog with Monday deadline for federal agencies. #Cybersecurity https://t.co/S8ABdzNzUC
@battista212
3 Apr 2026
165 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CVE-2025-53521, originally a DoS bug in F5 BIG-IP APM, now a critical RCE vulnerability actively exploited. Disclosed in Oct 2025, it poses significant risk. #cybersecurity #vulnerability
@bigmacd16684
3 Apr 2026
147 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨 Threat Alert: 14,000+ Exposed F5 BIG-IP APM Instances Vulnerable to RCE 📅 Date: 2026-04-03 📆 Timeline: 2025-10-15: CVE-2025-53521 disclosed (initially classified as DoS). 2026-03 (late): F5 obtains new information and reclassifies flaw as RCE; F5 updates advisory
@syedaquib77
3 Apr 2026
135 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ Threat Update: F5 BIG-IP APM RCE Exposure (CVE-2025-53521) 📝 Key Updates Summary: NEW: Multiple sources confirm active exploitation risk after the issue was reclassified from DoS to RCE (Mar–Apr 2026). NEW: Recent reporting (2026-04-03) quantifies ~17,100 Internet-ex
@syedaquib77
3 Apr 2026
158 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Threat Alert: **14,000+ F5 BIG-IP APM Instances Exposed Online as Attackers Exploit RCE Vulnerability** 📅 Date: 2026-04-03 📆 Timeline: 2025-10-15: CVE-2025-53521 initially disclosed (classified as DoS). 2026-03-27: F5 updates advisory and CISA adds CVE-2025-53521 to
@syedaquib77
3 Apr 2026
131 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA KEV 警告 26/03/27:F5 BIG-IP の脆弱性 CVE-2025-53521 を登録 https://t.co/68Jxa8tKLP F5 BIG-IP システムの Access Policy Manager (APM) に発見された、きわめて深刻な脆弱性 CVE-2025-53521 が CISA KEV
@iototsecnews
3 Apr 2026
169 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
TRC analysis shows attackers exploiting CVE-2025-53521 to gain unauthenticated RCE on F5 BIG-IP APM systems, then deploying web shells for persistent access. The compromised network appliances enable lateral movement to critical systems. Runtime segmentation helps contain
@aviatrixtrc
3 Apr 2026
122 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 [CRITICAL] Critical RCE Vulnerability in F5 BIG-IP Access Policy Manager Under Active Exploitation The UK NCSC has issued an urgent advisory regarding CVE-2025-53521, an unauthenticated remote code execution vulnerability affecting F5 BIG-IP Access Policy Manager (APM). htt
@HalluG76811
2 Apr 2026
81 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-53521: F5 BIG-IP Access Policy Manager Remote Code Execution Vulnerability - What It Means for Your Business and How to Respond https://t.co/IwL5f8aPnr
@integ_sec
2 Apr 2026
107 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
NEW THREAT INTEL: F5 BIG-IP APM RCE (CVE-2025-53521) - Chinese APT actively exploiting critical stack overflow. 9 detections, 16 IOCs. https://t.co/Q23BpYblFr #ThreatIntel #CyberSecurity #F5 #CISAKEV https://t.co/tgp3fE5Nzb
@threadlinqs
2 Apr 2026
124 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Over 14,000 F5 BIG-IP APM instances remain exposed online amid active exploitation of CVE-2025-53521, reclassified from DoS to remote code execution. F5 and CISA recommend system rebuilds and log checks. #CVE2025 #BIGIP #USA https://t.co/HCEF0kU3Hp
@TweetThreatNews
2 Apr 2026
203 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
⚠️ Threat Update: F5 BIG-IP APM exposure to CVE-2025-53521 (RCE) 📝 Key Updates Summary: NEW: Shadowserver telemetry identifies >14,000 Internet-exposed vulnerable BIG-IP APM instances and ~17,100 IPs with BIG-IP APM fingerprints. NEW: Evidence of active exploitation in
@syedaquib77
2 Apr 2026
125 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Threat Alert: F5 BIG-IP APM exposure and RCE exploitation (CVE-2025-53521) 📅 Date: 2026-04-02 📆 Timeline: Oct 2025 — CVE disclosed (initially classified as DoS). Mar 2026 — New information led to reclassification to RCE; active exploitation observed. Mar 27, 2026
@syedaquib77
2 Apr 2026
129 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Threat Alert: Over 14,000 F5 BIG‑IP APM instances still exposed to RCE attacks 📅 Date: 2026-04-02 (report); vulnerability first disclosed Oct 2025; active exploitation noted Mar–Apr 2026 📆 Timeline: 2025-10: CVE-2025-53521 initially disclosed as DoS. 2026-03: New
@syedaquib77
2 Apr 2026
129 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 BREAKING: Over 14,000 F5 BIG-IP APM instances exposed to active RCE attacks (CVE-2025-53521)! Hackers deploying webshells—patch NOW or risk full compromise. CISA KEV listed. #CyberSecurity #InfoSec #Hacking https://t.co/mLMazqupZv
@Archange_Shadow
2 Apr 2026
114 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ **Vulnerability Alert:** F5 BIG-IP APM Unauthenticated Remote Code Execution (CVE-2025-53521) - Active Exploitation 📅 **Timeline:** Disclosure: unknown, Patch: unknown 🆔 **CVE-2025-53521** | 📊 CVSS: 9.8 (Critical 🔴) | 📈 EPSS: 97.38% 🛠️ **Exploit Matur
@syedaquib77
1 Apr 2026
201 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7A0C1CA-EDEF-463F-B7C8-8B9E67239FC1",
"versionEndExcluding": "15.1.10.8",
"versionStartIncluding": "15.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6494E2A7-1473-46C0-97F8-90827D9466AA",
"versionEndExcluding": "16.1.6.1",
"versionStartIncluding": "16.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96D35435-27A7-4A88-9432-1F5AB0112B8C",
"versionEndExcluding": "17.1.3",
"versionStartIncluding": "17.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "252ED1A4-5F29-4440-B1BA-9621E6791812",
"versionEndExcluding": "17.5.1.3",
"versionStartIncluding": "17.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]