Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

THE_BLUE's avatar
THE_BLUE
Icon for Cirrostratus rankCirrostratus
1 year ago
Solved

BIG-IP HSB vulnerability CVE-2024-39778

When a stateless virtual server is configured on a BIG-IP system with a High-Speed Bridge (HSB), undisclosed requests can cause virtual servers to stop processing client connections and the Traffic M...
application delivery
security
  • boneyard's avatar
    boneyard
    1 year ago

    an easy search turns this article up for a stateless virtual server:

    https://my.f5.com/manage/s/article/K13675

    so , i am vulnerable if i meet the two condition? system with a High-Speed Bridge (HSB) and stateless virtual server ? otherwise I am good? 

    correct.

  • Aswin_mk's avatar
    Aswin_mk
    1 year ago

    Yes, you are correct, and you need to be vulnerable if both the condition matches. Also there are new vulnerabilities relating old version. You can try to proceed with latest versions in 17.x to get more stable and vulnerability fixed version.