← Back

CVE-2026-41218

nvd nist
Published: May 13, 2026Modified: Jun 24, 2026

JSON object

Loading...
8.7
Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Show more
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XShow less
Source: f5sirt@f5.com (Secondary)

Description

When BIG-IP PEM iRules are configured on a virtual server (iRules using commands starting with CLASSIFICATION::, CLASSIFY::, PEM::, PSC::, and the urlcatquery command), undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Affected (84)

21 products
Big Ip Access Policy Manager
Big Ip Advanced Firewall Manager
Big Ip Analytics
Big Ip Automation Toolchain
Big Ip Carrier Grade Nat
Big Ip Container Ingress Services
Big Ip Ddos Hybrid Defender
Big Ip Domain Name System
Big Ip Edge Gateway
Big Ip Fraud Protection Service
Big Ip Global Traffic Manager
Big Ip Link Controller
Big Ip Local Traffic Manager
Big Ip Policy Enforcement Manager
Big Ip Ssl Orchestrator
Big Ip Webaccelerator
Big Ip Websafe
Configuration A
42 vulnerable
Vulnerable SoftwareAffected Versions
F5
From 17.1.0 to 17.1.3
From 17.5.0 to 17.5.1
F5
From 17.1.0 to 17.1.3
From 17.5.0 to 17.5.1
F5
From 17.1.0 to 17.1.3
From 17.5.0 to 17.5.1
F5
From 17.1.0 to 17.1.3
From 17.5.0 to 17.5.1
F5
From 17.1.0 to 17.1.3
From 17.5.0 to 17.5.1
F5
From 17.1.0 to 17.1.3
From 17.5.0 to 17.5.1
F5
From 17.1.0 to 17.1.3
From 17.5.0 to 17.5.1
F5
From 17.1.0 to 17.1.3
From 17.5.0 to 17.5.1
F5
From 17.1.0 to 17.1.3
From 17.5.0 to 17.5.1
F5
From 17.1.0 to 17.1.3
From 17.5.0 to 17.5.1
F5
From 17.1.0 to 17.1.3
From 17.5.0 to 17.5.1
F5
From 17.1.0 to 17.1.3
From 17.5.0 to 17.5.1
F5
From 17.1.0 to 17.1.3
From 17.5.0 to 17.5.1
F5
From 17.1.0 to 17.1.3
From 17.5.0 to 17.5.1
F5
From 17.1.0 to 17.1.3
From 17.5.0 to 17.5.1
F5
From 17.1.0 to 17.1.3
From 17.5.0 to 17.5.1
F5
From 17.1.0 to 17.1.3
From 17.5.0 to 17.5.1
F5
From 17.1.0 to 17.1.3
From 17.5.0 to 17.5.1
F5
From 17.1.0 to 17.1.3
From 17.5.0 to 17.5.1
F5
From 17.1.0 to 17.1.3
From 17.5.0 to 17.5.1
F5
From 17.1.0 to 17.1.3
From 17.5.0 to 17.5.1
Configuration B
21 vulnerable
Vulnerable SoftwareAffected Versions
From 16.1.0 to 16.1.6
From 16.1.0 to 16.1.6
From 16.1.0 to 16.1.6
From 16.1.0 to 16.1.6
From 16.1.0 to 16.1.6
From 16.1.0 to 16.1.6
From 16.1.0 to 16.1.6
From 16.1.0 to 16.1.6
From 16.1.0 to 16.1.6
From 16.1.0 to 16.1.6
From 16.1.0 to 16.1.6
From 16.1.0 to 16.1.6
From 16.1.0 to 16.1.6
From 16.1.0 to 16.1.6
From 16.1.0 to 16.1.6
From 16.1.0 to 16.1.6
From 16.1.0 to 16.1.6
From 16.1.0 to 16.1.6
From 16.1.0 to 16.1.6
From 16.1.0 to 16.1.6
From 16.1.0 to 16.1.6
Configuration C
21 vulnerable

References (1)

Source: f5sirt@f5.com
MitigationVendor Advisory

Timeline

No history available yet.