8950s
Chassis
· BIG-IP Legacy Series
Known Exploited Vulnerabilities
This device is past F5 Networks's security-support date. 5 CVEs in CISA's Known Exploited Vulnerabilities catalog apply to the platform it runs. F5 Networks is not issuing patches for this model. Isolate, compensate, or refresh.
| CVE | KEV added | Vulnerability | Flags |
|---|---|---|---|
CVE-2025-53521
|
F5 BIG-IP Stack-Based Buffer Overflow Vulnerability | ||
CVE-2023-46748
|
F5 BIG-IP Configuration Utility SQL Injection Vulnerability | ||
CVE-2023-46747
|
F5 BIG-IP Configuration Utility Authentication Bypass Vulnerability | Ransomware | |
CVE-2022-1388
|
F5 BIG-IP Missing Authentication Vulnerability | Ransomware | |
CVE-2020-5902
|
F5 BIG-IP Traffic Management User Interface (TMUI) Remote Code Execution Vulnerability | Ransomware |
Source: CISA Known Exploited Vulnerabilities catalog. The Ransomware flag reflects CISA's own knownRansomwareCampaignUse field, set when the CVE has been observed in ransomware campaigns per their threat intel. It's not a property of the vulnerability description itself.
Correlation is at the platform level, not per-OS-version. Not exhaustive: KEV only lists actively-exploited CVEs and many relevant unexploited vulnerabilities are not here. Verify against vendor security advisories (PSIRT, JSA, PAN-SA) and NVD before acting. See compensating controls if refresh isn't immediate.
8950s Lifecycle Overview
The F5 Networks 8950s is a chassis product in the F5 Networks BIG-IP Legacy series. This product has reached end of life as of , meaning F5 Networks no longer provides technical support, software updates, or hardware replacement for this product. It was last available for purchase on . Organizations still running the 8950s should plan a migration .
Lifecycle Milestones
| End of sale | 11y 7mo ago | |
|---|---|---|
| End of software maintenance | 9y 3mo ago | |
| Last date of support | 4y 3mo ago |