341 matches found
F5 Networks BIG-IP : BIG-IP Configuration utility vulnerability (K000156734)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3 / 17.5.1.3 / 21.0.0. It is, therefore, affected by a vulnerability as referenced in the K000156734 advisory. A vulnerability exists in the undisclosed pages in the Configuration utility that may allow a low-...
EUVD-2026-29991
An authenticated remote code execution vulnerability through undisclosed vectors exists in the BIG-IP and BIG-IQ Configuration utility. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2026-40703
A cross-site request forgery CSRF vulnerability exists in the dashboard of the BIG-IP Configuration utility. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2026-39455 BIG-IP Configuration utility vulnerability
When the BIG-IP Configuration utility is configured to use Lightweight Directory Access Protocol LDAP authentication, undisclosed traffic can cause the httpd process to exhaust the available file descriptors. Note: Software versions which have reached End of Technical Support EoTS are not...
CVE-2026-41957
CVE-2026-41957 affects the BIG-IP and BIG-IQ Configuration utility. The connected advisory confirms an authenticated remote code execution vulnerability via undisclosed vectors in the Configuration utility (control plane access), with CWE-502 deserialization noted in the security advisory details...
CVE-2026-41957 BIG-IP and BIG-IQ Configuration utility vulnerability
An authenticated remote code execution vulnerability through undisclosed vectors exists in the BIG-IP and BIG-IQ Configuration utility. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2026-40703
The CVE-2026-40703 entry describes a CSRF vulnerability in the BIG-IP Configuration utility dashboard. A remote, unauthenticated attacker can entice an authenticated user to issue crafted requests, allowing the attacker to create, modify, and delete dashboard items as that user. This is a control...
CVE-2026-40703 BIG-IP Configuration utility CSRF vulnerability
A cross-site request forgery CSRF vulnerability exists in the dashboard of the BIG-IP Configuration utility. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
K000156761: BIG-IP and BIG-IQ Configuration utility vulnerability CVE-2026-41957
Security Advisory Description An authenticated remote code execution vulnerability through undisclosed vectors exists in the BIG-IP and BIG-IQ Configuration utility. CVE-2026-41957 Impact This vulnerability may allow an authenticated attacker with network access to the Configuration utility throu...
PT-2026-40665
Name of the Vulnerable Software and Affected Versions BIG-IP versions prior to 17.1.3.1 BIG-IQ versions prior to 17.5.1.4 Description An authenticated remote code execution issue exists in the BIG-IP and BIG-IQ Configuration utility. This flaw is caused by deserialization, a process where data is...
CVE-2026-20732
CVE-2026-20732 affects BIG-IP configurations utility page where an attacker may spoof error messages. Red Hat/CIRCL/NVD references mirror this undisclosed page issue. F5 security advisory K000156644 lists affected branches (BIG-IP (all modules) 17.5.x, 17.1.x; 16.x) with fixes: BIG-IP 17.5.1.4 an...
EUVD-2026-5462
A vulnerability exists in an undisclosed BIG-IP Configuration utility page that may allow an attacker to spoof error messages. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2021-22989
On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, 12.1.x before 12.1.5.3, and 11.6.x before 11.6.5.3, when running in Appliance mode with Advanced WAF or BIG-IP ASM provisioned, the TMUI, also referred to as the Configuration utility,...
CVE-2021-22988
On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, 12.1.x before 12.1.5.3, and 11.6.x before 11.6.5.3, TMUI, also referred to as the Configuration utility, has an authenticated remote command execution vulnerability in undisclosed page...
Intel® Server Configuration Utility Software Advisory
Summary: A potential security vulnerability in some Intel® Server Configuration Utility software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2025-24918 Description: Improper link resolution befo...
EUVD-2025-34657
On the BIG-IP system, undisclosed endpoints that contain static non-sensitive information are accessible to an unauthenticated remote attacker through the Configuration utility. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-59483
A validation vulnerability exists in an undisclosed URL in the Configuration utility. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-59483
A validation vulnerability exists in an undisclosed URL in the Configuration utility. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-59268
On the BIG-IP system, undisclosed endpoints that contain static non-sensitive information are accessible to an unauthenticated remote attacker through the Configuration utility. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-59268
On the BIG-IP system, undisclosed endpoints that contain static non-sensitive information are accessible to an unauthenticated remote attacker through the Configuration utility. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...