CVE-2026-42408
MediumCVSS 4.4Exploitation Probability (EPSS)
Low risk0th percentile - higher than 0% of all known CVEs
Summary
A vulnerability exists in an undisclosed TMOS Shell (tmsh) command in BIG-IP DNS that may allow a highly privileged authenticated attacker to view sensitive information.
Risk Assessment
A highly privileged attacker could gain access to confidential data, potentially leading to serious security breaches within the organization.
Recommendation
It is recommended to monitor and restrict access to TMOS Shell and to update the software to versions that have not reached End of Technical Support.
Original NVD description (English source)
When BIG-IP DNS is provisioned, a vulnerability exists in an undisclosed TMOS Shell (tmsh) command that may allow a highly privileged authenticated attacker to view sensitive information. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

