{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-61958", "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", "state": "PUBLISHED", "assignerShortName": "f5", "dateReserved": "2025-10-03T23:04:43.550Z", "datePublished": "2025-10-15T13:55:53.096Z", "dateUpdated": "2026-02-26T16:57:36.951Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unknown", "modules": ["All Modules"], "product": "BIG-IP", "vendor": "F5", "versions": [{"lessThan": "17.5.1.1", "status": "affected", "version": "17.5.0", "versionType": "custom"}, {"lessThan": "17.1.3", "status": "affected", "version": "17.1.0", "versionType": "custom"}, {"lessThan": "16.1.6.1", "status": "affected", "version": "16.1.0", "versionType": "custom"}, {"lessThan": "15.1.10.8", "status": "affected", "version": "15.1.0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "F5 acknowledges Australian Cyber Security Centre for bringing this issue to our attention and following the highest standards of coordinated disclosure."}], "datePublic": "2025-10-15T14:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">\n\n<span style=\"background-color: rgb(255, 255, 255);\">A vulnerability exists in the iHealth command that may allow an authenticated attacker with at least a resource administrator role to bypass </span><strong>tmsh</strong><span style=\"background-color: rgb(255, 255, 255);\">&nbsp;restrictions and gain access to a bash shell.&nbsp; For BIG-IP systems running in Appliance mode, a successful exploit can allow the attacker to cross a security boundary.&nbsp;&nbsp;</span>Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n\n</span>"}], "value": "A vulnerability exists in the iHealth command that may allow an authenticated attacker with at least a resource administrator role to bypass tmsh\u00a0restrictions and gain access to a bash shell.\u00a0 For BIG-IP systems running in Appliance mode, a successful exploit can allow the attacker to cross a security boundary.\u00a0\u00a0Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "Appliance Mode"}]}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "Non-Appliance Mode"}]}, {"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 8.5, "baseSeverity": "HIGH", "privilegesRequired": "HIGH", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-250", "description": "CWE-250: Execution with Unnecessary Privileges", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", "shortName": "f5", "dateUpdated": "2025-10-15T13:55:53.096Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://my.f5.com/manage/s/article/K000154647"}], "source": {"discovery": "EXTERNAL"}, "title": "BIG-IP TMSH vulnerability", "x_generator": {"engine": "F5 SIRTBot v1.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-61958", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-10-16T03:56:50.058397Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-26T16:57:36.951Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-61958", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-10-16T03:56:50.058397Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-15T15:31:59.376Z"}}], "cna": {"title": "BIG-IP TMSH vulnerability", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "F5 acknowledges Australian Cyber Security Centre for bringing this issue to our attention and following the highest standards of coordinated disclosure."}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.7, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "Appliance Mode"}]}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "Non-Appliance Mode"}]}, {"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.5, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "HIGH", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "F5", "modules": ["All Modules"], "product": "BIG-IP", "versions": [{"status": "affected", "version": "17.5.0", "lessThan": "17.5.1.1", "versionType": "custom"}, {"status": "affected", "version": "17.1.0", "lessThan": "17.1.3", "versionType": "custom"}, {"status": "affected", "version": "16.1.0", "lessThan": "16.1.6.1", "versionType": "custom"}, {"status": "affected", "version": "15.1.0", "lessThan": "15.1.10.8", "versionType": "custom"}], "defaultStatus": "unknown"}], "datePublic": "2025-10-15T14:00:00.000Z", "references": [{"url": "https://my.f5.com/manage/s/article/K000154647", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "F5 SIRTBot v1.0"}, "descriptions": [{"lang": "en", "value": "A vulnerability exists in the iHealth command that may allow an authenticated attacker with at least a resource administrator role to bypass tmsh\u00a0restrictions and gain access to a bash shell.\u00a0 For BIG-IP systems running in Appliance mode, a successful exploit can allow the attacker to cross a security boundary.\u00a0\u00a0Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">\n\n<span style=\"background-color: rgb(255, 255, 255);\">A vulnerability exists in the iHealth command that may allow an authenticated attacker with at least a resource administrator role to bypass </span><strong>tmsh</strong><span style=\"background-color: rgb(255, 255, 255);\">&nbsp;restrictions and gain access to a bash shell.&nbsp; For BIG-IP systems running in Appliance mode, a successful exploit can allow the attacker to cross a security boundary.&nbsp;&nbsp;</span>Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n\n</span>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-250", "description": "CWE-250: Execution with Unnecessary Privileges"}]}], "providerMetadata": {"orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", "shortName": "f5", "dateUpdated": "2025-10-15T13:55:53.096Z"}}}, "cveMetadata": {"cveId": "CVE-2025-61958", "state": "PUBLISHED", "dateUpdated": "2026-02-26T16:57:36.951Z", "dateReserved": "2025-10-03T23:04:43.550Z", "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab", "datePublished": "2025-10-15T13:55:53.096Z", "assignerShortName": "f5"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "A7A0C1CA-EDEF-463F-B7C8-8B9E67239FC1", "versionEndExcluding": "15.1.10.8", "versionStartIncluding": "15.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "6538FBFE-AE3F-41DC-BE48-8A2444DE1F39", "versionEndExcluding": "15.1.10.8", "versionStartIncluding": "15.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*", "matchCriteriaId": "8CDAF78A-6C2B-4640-93DD-524A0D9D80CE", "versionEndExcluding": "15.1.10.8", "versionStartIncluding": "15.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "4BEC05AA-EB63-4A34-94E8-81606329BA75", "versionEndExcluding": "15.1.10.8", "versionStartIncluding": "15.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "F3007970-0661-4CAC-91A6-363396ED3B41", "versionEndExcluding": "15.1.10.8", "versionStartIncluding": "15.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "2450DC77-B46C-4886-AC9A-CF78B1EC4F06", "versionEndExcluding": "15.1.10.8", "versionStartIncluding": "15.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*", "matchCriteriaId": "D8BC9B56-DC91-4312-9A37-0892E1DCC97D", "versionEndExcluding": "15.1.10.8", "versionStartIncluding": "15.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*", "matchCriteriaId": "B5C25C2C-608A-432F-B49C-CED71150801C", "versionEndExcluding": "15.1.10.8", "versionStartIncluding": "15.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*", "matchCriteriaId": "96D77245-3641-49B9-BC32-472D460E5C1F", "versionEndExcluding": "15.1.10.8", "versionStartIncluding": "15.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*", "matchCriteriaId": "37AF1DFD-AE86-4F64-9941-75FAA0186ED8", "versionEndExcluding": "15.1.10.8", "versionStartIncluding": "15.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*", "matchCriteriaId": "87D1615C-6A97-4530-8E3A-92141B6EECD8", "versionEndExcluding": "15.1.10.8", "versionStartIncluding": "15.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "787649F6-17ED-4EFE-9C48-8318FEB941E7", "versionEndExcluding": "15.1.10.8", "versionStartIncluding": "15.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "matchCriteriaId": "268F789C-AC21-4CE9-9000-8E8B5CB38D2F", "versionEndExcluding": "15.1.10.8", "versionStartIncluding": "15.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "matchCriteriaId": "A04C923A-BBBC-4C4A-A653-B14C2CCEF3D9", "versionEndExcluding": "15.1.10.8", "versionStartIncluding": "15.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "E1DE6647-EC65-46DB-BE41-826C0BE3CBF4", "versionEndExcluding": "15.1.10.8", "versionStartIncluding": "15.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "CC47EDCD-06E7-4A5C-BD95-E10CC151494E", "versionEndExcluding": "15.1.10.8", "versionStartIncluding": "15.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "2A5E3508-3BD2-4275-A654-B379EB95A5C2", "versionEndExcluding": "15.1.10.8", "versionStartIncluding": "15.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "DB854FAF-E3B8-4D94-8346-57B73D5B95FE", "versionEndExcluding": "15.1.10.8", "versionStartIncluding": "15.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*", "matchCriteriaId": "40B87228-F144-41C7-ACD8-1168CC5C57F3", "versionEndExcluding": "15.1.10.8", "versionStartIncluding": "15.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "matchCriteriaId": "FAC86368-6FD4-4232-9E33-8B14B783C6C9", "versionEndExcluding": "15.1.10.8", "versionStartIncluding": "15.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*", "matchCriteriaId": "96451762-2663-4773-BA48-CD437150C827", "versionEndExcluding": "15.1.10.8", "versionStartIncluding": "15.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "6494E2A7-1473-46C0-97F8-90827D9466AA", "versionEndExcluding": "16.1.6.1", "versionStartIncluding": "16.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "56128695-2B01-4B7D-AC5F-DCDFCFE28BD6", "versionEndExcluding": "16.1.6.1", "versionStartIncluding": "16.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*", "matchCriteriaId": "025BE711-822D-4840-920C-E8636DA97738", "versionEndExcluding": "16.1.6.1", "versionStartIncluding": "16.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "3F28A7BB-AC00-4AB0-94CE-798890A6EA01", "versionEndExcluding": "16.1.6.1", "versionStartIncluding": "16.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "E36153D6-A0AF-41DA-B99F-ACD3333D5092", "versionEndExcluding": "16.1.6.1", "versionStartIncluding": "16.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "5A23DB2A-FB60-4DA3-A7CD-D714BE1BDFBD", "versionEndExcluding": "16.1.6.1", "versionStartIncluding": "16.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*", "matchCriteriaId": "4D9F00EE-50B8-4B4F-BACB-F0599EBEE946", "versionEndExcluding": "16.1.6.1", "versionStartIncluding": "16.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*", "matchCriteriaId": "00A47522-6E92-4441-9B88-223863F06061", "versionEndExcluding": "16.1.6.1", "versionStartIncluding": "16.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*", "matchCriteriaId": "67C3778D-1F87-40AD-9163-883CEC3C1712", "versionEndExcluding": "16.1.6.1", "versionStartIncluding": "16.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*", "matchCriteriaId": "3D17FD44-D4DB-40FC-8A0D-018EE6650975", "versionEndExcluding": "16.1.6.1", "versionStartIncluding": "16.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*", "matchCriteriaId": "92891C8E-D1E2-4128-9C3E-95DD922760F2", "versionEndExcluding": "16.1.6.1", "versionStartIncluding": "16.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "1381CA01-0A3D-4027-8B2D-DA773F0F2447", "versionEndExcluding": "16.1.6.1", "versionStartIncluding": "16.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "matchCriteriaId": "EFBC3076-EA5C-4D18-943A-E5574FEEAE05", "versionEndExcluding": "16.1.6.1", "versionStartIncluding": "16.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "matchCriteriaId": "72789BAC-8984-4364-857C-E6050F35DACD", "versionEndExcluding": "16.1.6.1", "versionStartIncluding": "16.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "A63DAF65-3864-4979-8AB5-A415DEE43527", "versionEndExcluding": "16.1.6.1", "versionStartIncluding": "16.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "17A49B38-5E69-4288-8D3B-468C7B32EC4B", "versionEndExcluding": "16.1.6.1", "versionStartIncluding": "16.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "5C4CCE82-6E33-4448-899E-3938E9F26364", "versionEndExcluding": "16.1.6.1", "versionStartIncluding": "16.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "FE263046-0C37-4DEC-A2BD-9056534F497D", "versionEndExcluding": "16.1.6.1", "versionStartIncluding": "16.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*", "matchCriteriaId": "7829108D-71A4-4F91-81F6-804E9EB1AE9D", "versionEndExcluding": "16.1.6.1", "versionStartIncluding": "16.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "matchCriteriaId": "FE79228D-BD43-4ADF-A36F-88DA748D83A2", "versionEndExcluding": "16.1.6.1", "versionStartIncluding": "16.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*", "matchCriteriaId": "AE6EAF28-5EEF-4333-A911-37DB84419B75", "versionEndExcluding": "16.1.6.1", "versionStartIncluding": "16.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "96D35435-27A7-4A88-9432-1F5AB0112B8C", "versionEndExcluding": "17.1.3", "versionStartIncluding": "17.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "19F0ED03-65CE-461B-97CE-ECBE2D290A5C", "versionEndExcluding": "17.1.3", "versionStartIncluding": "17.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*", "matchCriteriaId": "0B24E3BE-8A62-4819-B63C-01EE10E6160F", "versionEndExcluding": "17.1.3", "versionStartIncluding": "17.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "5560B775-1D1A-4B91-BF73-8214C54E0136", "versionEndExcluding": "17.1.3", "versionStartIncluding": "17.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "E79DDBA8-2BAA-45CF-ADDB-E0CD29EFCD69", "versionEndExcluding": "17.1.3", "versionStartIncluding": "17.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "BF0F0A9D-1B7E-4271-B309-64399AC7DD89", "versionEndExcluding": "17.1.3", "versionStartIncluding": "17.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*", "matchCriteriaId": "C4C71682-BEF8-4916-AEA3-C6B73229BC7D", "versionEndExcluding": "17.1.3", "versionStartIncluding": "17.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*", "matchCriteriaId": "D1A5E22E-BC34-428B-8230-7950FEA1F426", "versionEndExcluding": "17.1.3", "versionStartIncluding": "17.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*", "matchCriteriaId": "9F6EB345-1978-44BA-9FFD-B1F0F98E8424", "versionEndExcluding": "17.1.3", "versionStartIncluding": "17.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*", "matchCriteriaId": "4503795E-1956-40E5-A4AA-096D5CE35197", "versionEndExcluding": "17.1.3", "versionStartIncluding": "17.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*", "matchCriteriaId": "6B1DA3DB-754B-4CB1-9970-8FE24F8904D7", "versionEndExcluding": "17.1.3", "versionStartIncluding": "17.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "60F7DB59-2F2B-4AC7-B058-2DB7C9C4DE87", "versionEndExcluding": "17.1.3", "versionStartIncluding": "17.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "matchCriteriaId": "20E70B13-F29C-45AA-87CD-96AF990A524C", "versionEndExcluding": "17.1.3", "versionStartIncluding": "17.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "matchCriteriaId": "A4685C82-B428-406D-917A-9A7D6167C848", "versionEndExcluding": "17.1.3", "versionStartIncluding": "17.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "3428C746-89F5-499B-99E3-E7F9A04AA6E5", "versionEndExcluding": "17.1.3", "versionStartIncluding": "17.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "827B18BF-818E-42DB-A8F5-B3DA845EB658", "versionEndExcluding": "17.1.3", "versionStartIncluding": "17.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "E2F5003F-A341-4C95-B402-1C0AF5530039", "versionEndExcluding": "17.1.3", "versionStartIncluding": "17.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "022E0278-5754-4C93-9B54-1BAB3948A534", "versionEndExcluding": "17.1.3", "versionStartIncluding": "17.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*", "matchCriteriaId": "581B1484-C457-4C11-B43A-DCF49EBC07DA", "versionEndExcluding": "17.1.3", "versionStartIncluding": "17.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "matchCriteriaId": "A52583A0-7F8A-4B20-9C92-677FD176FFE4", "versionEndExcluding": "17.1.3", "versionStartIncluding": "17.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*", "matchCriteriaId": "CBB901CA-EF5B-437C-BDE0-65117E086B8E", "versionEndExcluding": "17.1.3", "versionStartIncluding": "17.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "78C06F0A-C3E8-471C-9B1C-25F6D745F0F4", "versionEndExcluding": "17.5.1.1", "versionStartIncluding": "17.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "FC4D895B-A87D-4980-9546-708DDDF072D8", "versionEndExcluding": "17.5.1.1", "versionStartIncluding": "17.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*", "matchCriteriaId": "44F0F208-F5EA-4866-9177-925593BD59E4", "versionEndExcluding": "17.5.1.1", "versionStartIncluding": "17.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "252A71D9-FF34-4103-ABC4-62FFAD7C67E1", "versionEndExcluding": "17.5.1.1", "versionStartIncluding": "17.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "A4C369B5-E411-4E4E-92CB-D807D8531804", "versionEndExcluding": "17.5.1.1", "versionStartIncluding": "17.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "7332DF88-20EF-4B27-BC07-FE34294C92F3", "versionEndExcluding": "17.5.1.1", "versionStartIncluding": "17.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*", "matchCriteriaId": "0E114686-E909-403C-BA54-4E1D4EF21E00", "versionEndExcluding": "17.5.1.1", "versionStartIncluding": "17.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*", "matchCriteriaId": "956CDB2D-A9FF-43C8-AD65-89DECDA33908", "versionEndExcluding": "17.5.1.1", "versionStartIncluding": "17.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*", "matchCriteriaId": "B4B7AECF-6559-49A4-BCB7-561747A86F96", "versionEndExcluding": "17.5.1.1", "versionStartIncluding": "17.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*", "matchCriteriaId": "80278989-6104-4653-9C96-78B8213FD940", "versionEndExcluding": "17.5.1.1", "versionStartIncluding": "17.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*", "matchCriteriaId": "7C11E474-5098-4AC8-94EA-6EC6143C756C", "versionEndExcluding": "17.5.1.1", "versionStartIncluding": "17.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "557943C7-7364-4B2D-A4CB-0F920E9399D1", "versionEndExcluding": "17.5.1.1", "versionStartIncluding": "17.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "matchCriteriaId": "507EF396-2027-49D8-A254-C9ACA910FC89", "versionEndExcluding": "17.5.1.1", "versionStartIncluding": "17.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "matchCriteriaId": "936EEEF5-7390-47B4-A6A4-22D8F57DAF1C", "versionEndExcluding": "17.5.1.1", "versionStartIncluding": "17.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "731C77BE-B430-44BD-974A-3CCDE4C7B48B", "versionEndExcluding": "17.5.1.1", "versionStartIncluding": "17.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "85C99CAD-CF42-44B2-AF47-B8BEC3A7F7AE", "versionEndExcluding": "17.5.1.1", "versionStartIncluding": "17.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "45BBAD44-C2F8-4AFA-AC4C-2E7E771667EE", "versionEndExcluding": "17.5.1.1", "versionStartIncluding": "17.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "69798F7E-FB43-45DA-AD2E-D314E395C944", "versionEndExcluding": "17.5.1.1", "versionStartIncluding": "17.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*", "matchCriteriaId": "2F1F6936-C286-4C68-9BB3-D403834F31F3", "versionEndExcluding": "17.5.1.1", "versionStartIncluding": "17.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "matchCriteriaId": "B08C10E0-CD93-4257-A5F0-765E114D2442", "versionEndExcluding": "17.5.1.1", "versionStartIncluding": "17.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*", "matchCriteriaId": "D808860C-093A-4764-93DE-ED42BDA1B4D6", "versionEndExcluding": "17.5.1.1", "versionStartIncluding": "17.5.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability exists in the iHealth command that may allow an authenticated attacker with at least a resource administrator role to bypass tmsh\u00a0restrictions and gain access to a bash shell.\u00a0 For BIG-IP systems running in Appliance mode, a successful exploit can allow the attacker to cross a security boundary.\u00a0\u00a0Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."}], "id": "CVE-2025-61958", "lastModified": "2026-02-04T17:48:10.580", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 5.8, "source": "f5sirt@f5.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 5.8, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "HIGH", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "f5sirt@f5.com", "type": "Secondary"}]}, "published": "2025-10-15T14:15:57.170", "references": [{"source": "f5sirt@f5.com", "tags": ["Vendor Advisory"], "url": "https://my.f5.com/manage/s/article/K000154647"}], "sourceIdentifier": "f5sirt@f5.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-250"}], "source": "f5sirt@f5.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{"created": "2025-10-20T13:26:39.472854+00:00", "updated": "2025-10-20T13:26:39.472879+00:00", "vendors": ["f5", "f5$PRODUCT$big-ip"]}