Lucene search
+L

CVE-2026-42406

🗓️ 13 May 2026 14:12:41Reported by f5Type 
cve
 cve
🔗 web.nvd.nist.gov👁 28 Views

Privilege escalation in Big IP and Big IQ enables a Certificate Manager to modify config objects and run commands.

Related
Detection
Affected
Refs
ReporterTitlePublishedViews
Family
attackerkb
CVE-2026-42406
13 May 202614:12
attackerkb
circl
CVE-2026-42406
13 May 202617:54
circl
cnnvd
F5 BIG-IP和F5 BIG-IQ 安全漏洞
13 May 202600:00
cnnvd
cvelist
CVE-2026-42406 BIG-IP and BIG-IQ privilege escalation vulnerability
13 May 202614:12
cvelist
euvd
EUVD-2026-29997
13 May 202618:30
euvd
f5
K000160971: BIG-IP and BIG-IQ privilege escalation vulnerability CVE-2026-42406
13 May 202612:41
f5
nessus
F5 Networks BIG-IP : BIG-IP and BIG-IQ privilege escalation vulnerability (K000160971)
21 May 202600:00
nessus
ncsc
Vulnerabilities found in F5 BIG-IP and BIG-IQ products
15 May 202612:07
ncsc
nvd
CVE-2026-42406
13 May 202616:16
nvd
ptsecurity
PT-2026-40669
13 May 202600:00
ptsecurity
Rows per page
NVD
Node
OR
f5big-ip_access_policy_managerRange17.1.017.1.3
f5big-ip_access_policy_managerRange17.5.017.5.1
f5big-ip_analyticsRange17.1.017.1.3
f5big-ip_analyticsRange17.5.017.5.1
f5big-ip_automation_toolchainRange17.1.017.1.3
f5big-ip_automation_toolchainRange17.5.017.5.1
f5big-ip_carrier-grade_natRange17.1.017.1.3
f5big-ip_carrier-grade_natRange17.5.017.5.1
f5big-ip_ddos_hybrid_defenderRange17.1.017.1.3
f5big-ip_ddos_hybrid_defenderRange17.5.017.5.1
f5big-ip_domain_name_systemRange17.1.017.1.3
f5big-ip_domain_name_systemRange17.5.017.5.1
f5big-ip_edge_gatewayRange17.1.017.1.3
f5big-ip_edge_gatewayRange17.5.017.5.1
f5big-ip_link_controllerRange17.1.017.1.3
f5big-ip_link_controllerRange17.5.017.5.1
f5big-ip_local_traffic_managerRange17.1.017.1.3
f5big-ip_local_traffic_managerRange17.5.017.5.1
f5big-ip_ssl_orchestratorRange17.1.017.1.3
f5big-ip_ssl_orchestratorRange17.5.017.5.1
f5big-ip_webacceleratorRange17.1.017.1.3
f5big-ip_webacceleratorRange17.5.017.5.1
f5big-ip_websafeRange17.1.017.1.3
f5big-ip_websafeRange17.5.017.5.1
Node
OR
Node
[
  {
    "defaultStatus": "unknown",
    "modules": [
      "All Modules"
    ],
    "product": "BIG-IP",
    "vendor": "F5",
    "versions": [
      {
        "lessThan": "*",
        "status": "unaffected",
        "version": "21.1.0",
        "versionType": "custom"
      },
      {
        "lessThan": "21.0.0.2",
        "status": "affected",
        "version": "21.0.0",
        "versionType": "custom"
      },
      {
        "lessThan": "17.5.1.6",
        "status": "affected",
        "version": "17.5.0",
        "versionType": "custom"
      },
      {
        "lessThan": "17.1.3.2",
        "status": "affected",
        "version": "17.1.0",
        "versionType": "custom"
      },
      {
        "lessThan": "*",
        "status": "affected",
        "version": "16.1.0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "BIG-IQ",
    "vendor": "F5",
    "versions": [
      {
        "lessThan": "*",
        "status": "affected",
        "version": "8.4.0",
        "versionType": "custom"
      }
    ]
  }
]

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

23 Jun 2026 13:57Current
5.9Medium risk
Vulners AI Score5.9
CVSS 48.5
CVSS 3.18.7
EPSS0.0015
SSVC
28