6.9

CVE-2026-22549

Medienbericht

BIG-IP Container Ingress Services vulnerability

A vulnerability exists in F5 BIG-IP Container Ingress Services that may allow excessive permissions to read cluster secrets.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
F5Big-ip Container Ingress Services Version >= 1.0.0 <= 1.14.0
   KubernetesKubernetes Version-
   RedhatOpenshift Version-
F5Big-ip Container Ingress Services Version >= 2.0.0 < 2.2.0.2
   KubernetesKubernetes Version-
   RedhatOpenshift Version-
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.31% 0.222
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
f5sirt@f5.com 4.9 1.2 3.6
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
f5sirt@f5.com 6.9 0 0
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CWE-250 Execution with Unnecessary Privileges

The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.

Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
VulnDex Intel
Media Report
06.02.2026 09:59
https://my.f5.com/manage/s/article/K000157960
Vendor Advisory