CVE-2026-40703
MediumCVSS 5.4Exploitation Probability (EPSS)
Low risk1th percentile - higher than 1% of all known CVEs
Summary
A cross-site request forgery (CSRF) vulnerability exists in the dashboard of the BIG-IP Configuration utility. This affects software versions that have not reached End of Technical Support (EoTS).
Risk Assessment
An attacker could exploit this vulnerability to perform unauthorized actions on behalf of a logged-in user, potentially leading to serious security implications.
Recommendation
It is recommended to update the software to the latest version that is not subject to End of Technical Support (EoTS) to mitigate the risks associated with this vulnerability.
Original NVD description (English source)
A cross-site request forgery (CSRF) vulnerability exists in the dashboard of the BIG-IP Configuration utility. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

