CVE Catalog

CVE-2026-40703

MediumCVSS 5.4
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.10%

1th percentile - higher than 1% of all known CVEs

Summary

A cross-site request forgery (CSRF) vulnerability exists in the dashboard of the BIG-IP Configuration utility. This affects software versions that have not reached End of Technical Support (EoTS).

Risk Assessment

An attacker could exploit this vulnerability to perform unauthorized actions on behalf of a logged-in user, potentially leading to serious security implications.

Recommendation

It is recommended to update the software to the latest version that is not subject to End of Technical Support (EoTS) to mitigate the risks associated with this vulnerability.

Original NVD description (English source)

A cross-site request forgery (CSRF) vulnerability exists in the dashboard of the BIG-IP Configuration utility.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS