CVE-2026-42930 describes an authentication bypass vulnerability in F5 BIG-IP when operating in Appliance mode. An authenticated administrator with the 'Administrator' role can circumvent restrictions, allowing them to perform actions they shouldn't be able to. This vulnerability impacts versions 16.1.0 through 21.0.0.2; a fix is available in version 21.0.0.2.
影响与攻击场景翻译中…
Successful exploitation of CVE-2026-42930 allows an authenticated administrator to bypass Appliance mode restrictions within the F5 BIG-IP system. This effectively grants them elevated privileges and the ability to modify configurations or access sensitive data beyond their intended scope. The attacker could potentially gain full control of the BIG-IP system, leading to data breaches, service disruption, or further compromise of the network. The blast radius extends to any systems or services relying on the BIG-IP for load balancing, security, or application delivery.
利用背景翻译中…
CVE-2026-42930 was published on May 13, 2026. Severity is rated HIGH with a CVSS score of 8.7. Public proof-of-concept (POC) code is currently unavailable. The vulnerability is not listed on CISA KEV as of this writing. Exploitation probability is considered medium, given the requirement for authenticated access but the potential for significant impact.
威胁情报
漏洞利用状态
CISA SSVC
CVSS 向量
这些指标意味着什么?
- Attack Vector
- 网络 — 可通过互联网远程利用,无需物理或本地访问。攻击面最大。
- Attack Complexity
- 低 — 无需特殊条件,可以稳定地利用漏洞。
- Privileges Required
- 高 — 需要管理员或特权账户。
- User Interaction
- 无 — 攻击自动且无声,受害者无需任何操作。
- Scope
- 已改变 — 攻击可以超出脆弱组件,影响其他系统。
- Confidentiality
- 高 — 完全丧失机密性,攻击者可读取所有数据。
- Integrity
- 高 — 攻击者可写入、修改或删除任何数据。
- Availability
- 无 — 无可用性影响。
受影响的软件
弱点分类 (CWE)
时间线
- 已保留
- 发布日期
缓解措施和替代方案翻译中…
The primary mitigation for CVE-2026-42930 is to upgrade to F5 BIG-IP version 21.0.0.2 or later, which contains the fix. If immediate upgrade is not possible, consider implementing stricter role-based access controls within BIG-IP to limit the privileges of the 'Administrator' role. Review existing configurations to identify any potential misconfigurations that could exacerbate the impact of this vulnerability. Monitor BIG-IP logs for any suspicious activity related to administrator accounts. After upgrade, confirm the fix by verifying that Appliance mode restrictions are properly enforced for the 'Administrator' role.
修复方法翻译中…
Actualice su sistema BIG-IP a una versión corregida. F5 ha publicado parches para abordar esta vulnerabilidad. Consulte la nota de seguridad K000160876 en el sitio web de F5 para obtener instrucciones detalladas sobre cómo aplicar las actualizaciones.
常见问题翻译中…
What is CVE-2026-42930 — Authentication Bypass in F5 BIG-IP?
CVE-2026-42930 is a HIGH severity vulnerability affecting F5 BIG-IP versions 16.1.0–21.0.0.2. It allows an authenticated administrator to bypass Appliance mode restrictions, potentially granting unauthorized access.
Am I affected by CVE-2026-42930 in F5 BIG-IP?
If you are running F5 BIG-IP in Appliance mode and are using versions 16.1.0 through 21.0.0.2, you are potentially affected by this vulnerability. Check your version immediately.
How do I fix CVE-2026-42930 in F5 BIG-IP?
Upgrade to F5 BIG-IP version 21.0.0.2 or later to resolve this vulnerability. If immediate upgrade isn't possible, implement stricter role-based access controls.
Is CVE-2026-42930 being actively exploited?
As of the current date, there are no confirmed reports of active exploitation of CVE-2026-42930 in the wild, but the potential for exploitation exists.
Where can I find the official F5 advisory for CVE-2026-42930?
Refer to the official F5 security advisory for CVE-2026-42930 on the F5 website: [https://www.f5.com/security/center/advisory/f5-security-advisory-42930](https://www.f5.com/security/center/advisory/f5-security-advisory-42930)
立即试用 — 无需账户
上传任何清单文件 (composer.lock, package-lock.json, WordPress 插件列表…) 或粘贴您的组件列表。您立即获得一份漏洞报告。上传文件只是开始:拥有账户后,您将获得持续监控、Slack/电子邮件警报、多项目和白标报告。
拖放您的依赖文件
composer.lock、package-lock.json、requirements.txt、Gemfile.lock、pubspec.lock、Dockerfile...