免费扫描

此页面尚未翻译为您的语言。我们正在努力翻译,目前显示英文内容。

💡 Keep dependencies up to date — most exploits target known, patchable vulnerabilities.

HIGHCVE-2026-39455CVSS 7.5

CVE-2026-39455: File Descriptor Exhaustion in F5 BIG-IP

平台

linux

组件

bigip

修复版本

21.0.0.2

在NVD查看
保存
正在翻译为您的语言…

CVE-2026-39455 affects F5 BIG-IP systems utilizing Lightweight Directory Access Protocol (LDAP) authentication. A misconfiguration can trigger an undisclosed traffic pattern, causing the httpd process to exhaust available file descriptors, resulting in a denial-of-service condition. This vulnerability impacts versions 16.1.0 through 21.0.0.2, and a fix is available in version 21.0.0.2.

影响与攻击场景翻译中…

Successful exploitation of CVE-2026-39455 can lead to a denial-of-service (DoS) attack, rendering the affected BIG-IP system unavailable. This disruption can impact critical services relying on the BIG-IP infrastructure, such as load balancing, web application delivery, and security features. The impact extends beyond the immediate system, potentially affecting applications and users dependent on the BIG-IP's functionality. While the vulnerability doesn't directly expose sensitive data, the DoS can disrupt operations and potentially mask other malicious activity. The blast radius is limited to the services managed by the affected BIG-IP instance.

利用背景翻译中…

CVE-2026-39455 has been published on 2026-05-13. Its severity is rated HIGH (CVSS 7.5). Public proof-of-concept (POC) code is currently unavailable. The vulnerability is not listed on KEV or EPSS, suggesting a low to medium probability of exploitation in the short term. Monitor F5 security advisories and threat intelligence feeds for updates.

威胁情报

漏洞利用状态

概念验证未知
CISA KEVNO
互联网暴露

CISA SSVC

利用情况none
可自动化yes
技术影响partial

CVSS 向量

威胁情报· CVSS 3.1CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H7.5HIGHAttack VectorNetwork攻击者如何到达目标Attack ComplexityLow利用漏洞所需的条件Privileges RequiredNone攻击所需的认证级别User InteractionNone是否需要受害者采取行动ScopeUnchanged超出受影响组件的影响范围ConfidentialityNone敏感数据泄露风险IntegrityNone数据未授权篡改风险AvailabilityHigh服务中断风险nextguardhq.com · CVSS v3.1 基础分数
这些指标意味着什么?
Attack Vector
网络 — 可通过互联网远程利用,无需物理或本地访问。攻击面最大。
Attack Complexity
低 — 无需特殊条件,可以稳定地利用漏洞。
Privileges Required
无 — 无需认证,无需凭证即可利用。
User Interaction
无 — 攻击自动且无声,受害者无需任何操作。
Scope
未改变 — 影响仅限于脆弱组件本身。
Confidentiality
无 — 无机密性影响。
Integrity
无 — 无完整性影响。
Availability
高 — 完全崩溃或资源耗尽,完全拒绝服务。

受影响的软件

组件bigip
供应商F5
最低版本16.1.0
最高版本21.0.0.2
修复版本21.0.0.2

弱点分类 (CWE)

CWE-772

时间线

  1. 已保留
  2. 发布日期

缓解措施和替代方案翻译中…

The primary mitigation for CVE-2026-39455 is upgrading to F5 BIG-IP version 21.0.0.2 or later, which includes the fix. If immediate upgrade is not feasible, implement temporary workarounds. Configure a Web Application Firewall (WAF) or proxy to limit or filter LDAP traffic to the BIG-IP system, specifically targeting the traffic pattern that triggers the file descriptor exhaustion. Review LDAP authentication configurations to ensure they adhere to security best practices and minimize unnecessary LDAP traffic. After upgrading, verify the fix by attempting to reproduce the vulnerability with the traffic pattern described in the advisory; the httpd process should not exhaust file descriptors.

修复方法翻译中…

Actualice a una versión corregida de BIG-IP.  Las versiones afectadas incluyen 17.5.1.6, 17.1.3.2, 21.0.0.2 y versiones posteriores de 21.1.0. Consulte la documentación de F5 para obtener instrucciones detalladas de actualización y mitigación.

常见问题翻译中…

What is CVE-2026-39455 — File Descriptor Exhaustion in F5 BIG-IP?

CVE-2026-39455 is a HIGH severity vulnerability in F5 BIG-IP allowing LDAP authentication misconfigurations to exhaust file descriptors, causing a denial-of-service. It affects versions 16.1.0–21.0.0.2.

Am I affected by CVE-2026-39455 in F5 BIG-IP?

You are affected if you are running F5 BIG-IP versions 16.1.0 through 21.0.0.2 and have LDAP authentication enabled. Carefully review your LDAP configuration.

How do I fix CVE-2026-39455 in F5 BIG-IP?

Upgrade to F5 BIG-IP version 21.0.0.2 or later. As a temporary workaround, implement WAF rules to limit LDAP traffic.

Is CVE-2026-39455 being actively exploited?

Currently, there are no public reports of CVE-2026-39455 being actively exploited, but monitoring is crucial.

Where can I find the official F5 advisory for CVE-2026-39455?

Refer to the official F5 security advisory for CVE-2026-39455 on the F5 website: [https://www.f5.com/security/center/advisory/f5-security-advisory-26-07.html](https://www.f5.com/security/center/advisory/f5-security-advisory-26-07.html)

你的项目受影响吗?

上传你的依赖文件,立即了解此CVE和其他CVE是否影响你。

免费扫描搜索 CVE
live免费扫描

立即试用 — 无需账户

上传任何清单文件 (composer.lock, package-lock.json, WordPress 插件列表…) 或粘贴您的组件列表。您立即获得一份漏洞报告。上传文件只是开始:拥有账户后,您将获得持续监控、Slack/电子邮件警报、多项目和白标报告。

手动扫描Slack/邮件提醒持续监控白标报告

拖放您的依赖文件

composer.lock、package-lock.json、requirements.txt、Gemfile.lock、pubspec.lock、Dockerfile...