CVE Catalog

CVE-2026-42408

MediumCVSS 4.4
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.08%

0th percentile - higher than 0% of all known CVEs

Summary

A vulnerability exists in an undisclosed TMOS Shell (tmsh) command in BIG-IP DNS that may allow a highly privileged authenticated attacker to view sensitive information.

Risk Assessment

A highly privileged attacker could gain access to confidential data, potentially leading to serious security breaches within the organization.

Recommendation

It is recommended to monitor and restrict access to TMOS Shell and to update the software to versions that have not reached End of Technical Support.

Original NVD description (English source)

When BIG-IP DNS is provisioned, a vulnerability exists in an undisclosed TMOS Shell (tmsh) command that may allow a highly privileged authenticated attacker to view sensitive information.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS