For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Zdenda's avatar
Zdenda
Icon for Cirrus rankCirrus
Dec 06, 2025

CVE mitigation on F5 XC vs classic F5 WAF

Hi, there is serious CVE out there: https://www.cve.org/CVERecord?id=CVE-2025-55182   And F5 reacted quickly: https://my.f5.com/manage/s/article/K000158058#BIG-IP   F5 itself is not affected, b...
cloud
security
Nikoolayy1's avatar
Nikoolayy1
Icon for MVP rankMVP
Dec 08, 2025

Yes that is how XC with AWAF works. Any new signatures are auto added. Changed and new signatures enter 1 week staging as shown in WAF Signature Staging in F5 Distributed Cloud and you need to use the XC API to see them (no GUI option for some reason) https://docs.cloud.f5.com/docs-v2/api/waf-signatures-changelog 

 

Maybe for this one as it is bad XC added it to blocking even for WAF policies that have staging enabled from the start but I suggest using the XC API to check.

 

When you said XC doesn't have the signature where did you actually check this as I know only of https://docs.cloud.f5.com/docs-v2/platform/reference/attack-signatures ?