CVE-2026-40629
highCVSS v3 Base Score
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.3%
Exploitation probability in 30 days
Top 76% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Confidentiality
None
Integrity
None
Availability
High
Vulnerability Report
Generated by CyberWatcher
Description
When SSL profiles are configured on a virtual server, undisclosed traffic can cause the virtual server to stop processing new client connections. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CWE
CWE-770Affected Products
f5 big-ip access policy managerf5 big-ip advanced firewall managerf5 big-ip advanced web application firewallf5 big-ip analyticsf5 big-ip application acceleration managerf5 big-ip application security managerf5 big-ip application visibility and reportingf5 big-ip automation toolchainf5 big-ip carrier-grade natf5 big-ip container ingress services