CVE-2026-40703

MEDIUM WAF: Low

CVSS 5.4 Published: 2026-05-13

CWE-352

A cross-site request forgery (CSRF) vulnerability exists in the dashboard of the BIG-IP Configuration utility. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

WAF Coverage Analysis

Cross-Site Request Forgery (CSRF) Low WAF Coverage

OWASP: A01:2021 Broken Access Control

References

my.f5.com

Back to CVE Database