128 matches found
CVE-2026-42063
A vulnerability exists in iControl SOAP where an authenticated attacker with the Resource Administrator or Administrator role can download sensitive files. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2026-42924
An authenticated attacker with the Resource Administrator or Administrator role can create SNMP configuration objects through iControl SOAP resulting in privilege escalation. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2026-40698
A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker with at least the Resource Administrator role can create SNMP configuration objects through iControl REST or the TMOS shell tmsh resulting in privilege escalation. Note: Software versions which...
CVE-2026-40631
An authenticated attacker with the Resource Administrator or Administrator role can modify configuration objects through iControl SOAP resulting in privilege escalation. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
EUVD-2026-30005
An authenticated attacker with the Resource Administrator or Administrator role can create SNMP configuration objects through iControl SOAP resulting in privilege escalation. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
EUVD-2026-29988
A vulnerability exists in BIG-IP systems where a highly privileged, authenticated attacker with at least the Resource Administrator role can modify configuration objects resulting in privilege escalation. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
EUVD-2026-29989
Sensitive information disclosure vulnerability exists in the undisclosed iControl REST endpoint and TMOS Shell tmsh command which may allow an authenticated attacker with resource administrator role privileges to view sensitive information. Note: Software versions which have reached End of...
EUVD-2026-29979
A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker with at least the Resource Administrator role can create SNMP configuration objects through iControl REST or the TMOS shell tmsh resulting in privilege escalation. Note: Software versions which...
EUVD-2026-29994
A vulnerability exists in iControl SOAP where an authenticated attacker with the Resource Administrator or Administrator role can download sensitive files. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2026-42924
An authenticated attacker with the Resource Administrator or Administrator role can create SNMP configuration objects through iControl SOAP resulting in privilege escalation. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2026-42063
A vulnerability exists in iControl SOAP where an authenticated attacker with the Resource Administrator or Administrator role can download sensitive files. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2026-41954
Sensitive information disclosure vulnerability exists in the undisclosed iControl REST endpoint and TMOS Shell tmsh command which may allow an authenticated attacker with resource administrator role privileges to view sensitive information. Note: Software versions which have reached End of...
CVE-2026-40698
A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker with at least the Resource Administrator role can create SNMP configuration objects through iControl REST or the TMOS shell tmsh resulting in privilege escalation. Note: Software versions which...
CVE-2026-40631
An authenticated attacker with the Resource Administrator or Administrator role can modify configuration objects through iControl SOAP resulting in privilege escalation. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2026-32673
A vulnerability exists in BIG-IP scripted monitors that may allow an authenticated attacker with the Resource Administrator or Administrator role to execute arbitrary system commands with higher privileges. In appliance mode deployments, a successful exploit can allow the attacker to cross a...
CVE-2026-32673
The CVE-2026-32673 issue affects BIG-IP scripted monitors. An authenticated attacker with Resource Administrator or Administrator privileges can execute arbitrary system commands with elevated rights via the affected iControl REST endpoint or local tmsh access. In appliance mode, exploitation may...
CVE-2026-42063 iControl SOAP vulnerability
A vulnerability exists in iControl SOAP where an authenticated attacker with the Resource Administrator or Administrator role can download sensitive files. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2026-42063
Summary of CVE-2026-42063 (iControl SOAP vulnerability) : The vulnerability exists in iControl SOAP where an authenticated attacker with the Resource Administrator or Administrator role can download sensitive files. The F5 advisory details that this is a control-plane issue affecting the BIG-IP i...
CVE-2026-41953
CVE-2026-41953 affects BIG-IP systems where a highly privileged, authenticated attacker with at least the Resource Administrator role can modify configuration objects, leading to privilege escalation. The vulnerability is a control plane issue with no data-plane exposure, and impact includes priv...
CVE-2026-41953 BIG-IP Privilege Escalation vulnerability
A vulnerability exists in BIG-IP systems where a highly privileged, authenticated attacker with at least the Resource Administrator role can modify configuration objects resulting in privilege escalation. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...