Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

APM Security: Protecting Internal Resources Using ACLs

If you've used APM, you probably have setup the APM in Portal Access mode at one time. It is easy and gives instant access to internal resources, but aren’t you allowing more access than imagined? ...
Published Sep 24, 2014
Version 1.0
BIG-IP Access Policy Manager (APM)
security
Lee_Sutcliffe's avatar
Lee_Sutcliffe
Icon for Nacreous rankNacreous
Jul 25, 2017

Hi Brad, yes it certainly does, even with resource items created from templates such as OWA. I'm not working with the customer anymore but I can still replicate the error in my lab.