CVE-2026-20732

CWE-4515 documents5 sources
Severity
2.3LOW
EPSS
0.1%
top 80.19%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
22
F5 Big-ipF5 Big-ip Access Policy ManagerF5 Big-ip Advanced Firewall Manager+19 more
Timeline
PublishedFeb 4

Description

A vulnerability exists in an undisclosed BIG-IP Configuration utility page that may allow an attacker to spoof error messages. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

CVSS vector

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Affected Packages22 packages

CVEListV5f5/big-ip17.5.017.5.1.4+2
NVDf5/big-ip_websafe17.1.017.1.3.1+2
NVDf5/big-ip_analytics17.1.017.1.3.1+2
NVDf5/big-ip_edge_gateway17.1.017.1.3.1+2
NVDf5/big-ip_webaccelerator17.1.017.1.3.1+2

🔴Vulnerability Details

2
GHSA
GHSA-fc72-gwgq-7p26: A vulnerability exists in an undisclosed BIG-IP Configuration utility page that may allow an attacker to spoof error messages2026-02-04
CVEList
BIG-IP Configuration utility vulnerability2026-02-04

📋Vendor Advisories

1
F5
CVE-2026-20732: A vulnerability exists in an undisclosed BIG-IP Configuration utility page that may allow an attacker to spoof error ...2026-02-04

🕵️Threat Intelligence

1
Wiz
CVE-2026-20732 Impact, Exploitability, and Mitigation Steps | Wiz