Description
A vulnerability exists in F5 BIG-IP Container Ingress Services that may allow excessive permissions to read cluster secrets.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Published: 2026-02-04
Score: 6.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Unauthorized Secret Disclosure
Action: Patch
AI Analysis

Impact

A flaw in F5 BIG‑IP Container Ingress Services permits an attacker to read cluster secrets that should be protected, exposing critical credentials and configuration data. The vulnerability arises from excessive permissions granted to the ingress services, allowing read access to privileged secrets. The direct consequence is the loss of confidentiality for system secrets, potentially enabling credential theft and further compromise.

Affected Systems

The issue affects F5’s BIG‑IP Container Ingress Services, though specific affected version numbers are not disclosed. Software versions that have reached End of Technical Support are not evaluated. No other vendors or products are listed as affected.

Risk and Exploitability

The CVSS score of 6.9 indicates moderate severity, while the EPSS score of less than 1% suggests a low probability of exploitation at this time. The vulnerability is not listed in the CISA Known Exploited Vulnerabilities catalog. Exploitation would likely require network access to the ingress service or the ability to send specially crafted requests, and it relies on the attacker already having some level of access to the cluster environment.

Generated by OpenCVE AI on April 17, 2026 at 23:49 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade F5 BIG‑IP Container Ingress Services to the latest supported release that addresses the excessive privilege issue.
  • Limit the permissions of the service accounts used by the ingress services so they can read only the resources required for operation.
  • Audit and monitor access to cluster secrets, and enforce strict access control policies to detect and prevent unauthorized secret reads.

Generated by OpenCVE AI on April 17, 2026 at 23:49 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 13 Feb 2026 22:00:00 +0000

Type Values Removed Values Added
First Time appeared Kubernetes
Kubernetes kubernetes
Redhat
Redhat openshift
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*
cpe:2.3:a:kubernetes:kubernetes:-:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift:-:*:*:*:*:*:*:*
Vendors & Products Kubernetes
Kubernetes kubernetes
Redhat
Redhat openshift

Wed, 04 Feb 2026 21:30:00 +0000

Type Values Removed Values Added
First Time appeared F5
F5 big-ip Container Ingress Services
Vendors & Products F5
F5 big-ip Container Ingress Services

Wed, 04 Feb 2026 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 04 Feb 2026 15:30:00 +0000

Type Values Removed Values Added
Description A vulnerability exists in F5 BIG-IP Container Ingress Services that may allow excessive permissions to read cluster secrets.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Title BIG-IP Container Ingress Services vulnerability
Weaknesses CWE-250
References
Metrics cvssV3_1

{'score': 4.9, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N'}

cvssV4_0

{'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N'}

Subscriptions

F5 Big-ip Container Ingress Services
Kubernetes Kubernetes
Redhat Openshift
cve-icon MITRE

Status: PUBLISHED

Assigner: f5

Published:

Updated: 2026-02-04T15:58:22.668Z

Reserved: 2026-01-21T21:33:16.368Z

Link: CVE-2026-22549

cve-icon Vulnrichment

Updated: 2026-02-04T15:58:15.825Z

cve-icon NVD

Status : Analyzed

Published: 2026-02-04T16:16:19.290

Modified: 2026-02-13T21:45:34.677

Link: CVE-2026-22549

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-18T00:00:09Z

Weaknesses