CVE-2026-41959

CVSS v3.1

6.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions BIG-IP versions prior to 17.1.3.2 BIG-IP versions prior to 17.5.1.6 BIG-IP versions prior to 21.0.0.2 BIG-IQ versions prior to 17.1.3.2 BIG-IQ versions prior to 17.5.1.6 BIG-IQ versions prior to 21.0.0.2

Description Incorrect permission assignments exist in the iControl REST and the TMOS Shell (tmsh) network diagnostics commands. These flaws may allow an authenticated attacker to view the network status of destination systems.

Recommendations Update to version 17.1.3.2 or later. Update to version 17.5.1.6 or later. Update to version 21.0.0.2 or later.

Fix

Incorrect Permission

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-732

Related Identifiers

CVE-2026-41959

Affected Products

Big-Ip

Big-Iq

CVE-2026-41959

Weakness Enumeration

Related Identifiers

Affected Products

References · 3