CVE Catalog

CVE-2026-41959

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.20%

10th percentile - higher than 10% of all known CVEs

Summary

Vulnerabilities related to incorrect permission assignment exist in BIG-IP and BIG-IQ TMOS Shell (tmsh) network diagnostics commands and in BIG-IP iControl REST. These vulnerabilities may allow an authenticated attacker to view the network status of destination systems.

Risk Assessment

The organization may be exposed to the disclosure of network status information, potentially leading to further attacks or security breaches.

Recommendation

It is recommended to update the software to the latest version that has not reached End of Technical Support to minimize the risk associated with these vulnerabilities.

Original NVD description (English source)

Incorrect permission assignment vulnerabilities exist in BIG-IP and BIG-IQ TMOS Shell (tmsh) network diagnostics commands and in BIG-IP iControl REST. These vulnerabilities may allow an authenticated attacker to view the network status of destination systems.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS