File Download Vulnerability in F5 iControl SOAP Affected by Resource Administrator Role
CVE-2026-42063
6.9MEDIUM
What is CVE-2026-42063?
A file download vulnerability exists within F5 Networks' iControl SOAP interface, which allows authenticated users with Resource Administrator or Administrator roles to download sensitive files. This poses a significant risk, as it could lead to unauthorized access to critical data. Organizations utilizing affected versions should take immediate action to apply necessary patches and review user permissions to mitigate potential exploitation.
Affected Version(s)
BIG-IP 21.0.0 < 21.0.0.2
BIG-IP 17.5.0 < 17.5.1.6
BIG-IP 17.1.0 < 17.1.3.2