3 matches found
K000160874: BIG-IP Configuration utility vulnerability CVE-2026-39455
Security Advisory Description When the BIG-IP Configuration utility is configured to use Lightweight Directory Access Protocol LDAP authentication, undisclosed traffic can cause the httpd process to exhaust the available file descriptors. CVE-2026-39455 Impact The Configuration utility stops...
CVE-2021-22979
On BIG-IP version 16.0.x before 16.0.1, 15.1.x before 15.1.1, 14.1.x before 14.1.2.8, 13.1.x before 13.1.3.5, and all 12.1.x versions, a reflected Cross-Site Scripting XSS vulnerability exists in an undisclosed page of the BIG-IP Configuration utility when Fraud Protection Service is provisioned...
CVE-2025-59268
On BIG-IP, CVE-2025-59268 affects the Configuration utility: undisclosed endpoints that serve static non-sensitive information are reachable by an unauthenticated remote attacker, resulting in potential information disclosure. The issue is a control-plane exposure with no data-plane impact report...