ID

VAR-201410-1053


CVE

CVE-2014-2927


TITLE

plural F5 BIG-IP Product rsync Arbitrary file read vulnerability in daemon

Trust: 0.8

sources: JVNDB: JVNDB-2014-005048

DESCRIPTION

The rsync daemon in F5 BIG-IP 11.6 before 11.6.0, 11.5.1 before HF3, 11.5.0 before HF4, 11.4.1 before HF4, 11.4.0 before HF7, 11.3.0 before HF9, and 11.2.1 before HF11 and Enterprise Manager 3.x before 3.1.1 HF2, when configured in failover mode, does not require authentication, which allows remote attackers to read or write to arbitrary files via a cmi request to the ConfigSync IP address. Multiple F5 Networks products are prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the application. F5 BIG-IP is an all-in-one network device integrated with network traffic management, application security management, load balancing and other functions from F5 Corporation of the United States. The following products and versions are affected: F5 BIG-IP 11.6 prior to 11.6.0, 11.5.1 prior to HF3, 11.5.0 prior to HF4, 11.4.1 prior to HF4, 11.4.0 prior to HF7, 11.3 prior to HF9. 0 version, 11.2.1 version before HF11, and 3.x version before Enterprise Manager 3.1.1 HF2

Trust: 1.98

sources: NVD: CVE-2014-2927 // JVNDB: JVNDB-2014-005048 // BID: 69461 // VULHUB: VHN-70866

AFFECTED PRODUCTS

vendor:f5model:big-ip edge gatewayscope:eqversion:10.1.0

Trust: 1.6

vendor:f5model:big-ip edge gatewayscope:eqversion:10.2.1

Trust: 1.6

vendor:f5model:big-ip link controllerscope:eqversion:11.5.1

Trust: 1.6

vendor:f5model:big-ip global traffic managerscope:eqversion:11.4.1

Trust: 1.6

vendor:f5model:big-ip link controllerscope:eqversion:11.6.0

Trust: 1.6

vendor:f5model:big-ip link controllerscope:eqversion:11.5.0

Trust: 1.6

vendor:f5model:big-ip global traffic managerscope:eqversion:10.0.0

Trust: 1.6

vendor:f5model:big-ip global traffic managerscope:eqversion:10.0.1

Trust: 1.6

vendor:f5model:big-ip edge gatewayscope:eqversion:10.2.0

Trust: 1.6

vendor:f5model:big-ip global traffic managerscope:eqversion:11.4.0

Trust: 1.6

vendor:f5model:big-ip protocol security modulescope:eqversion:11.2.1

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:10.2.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:10.2.0

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:10.2.1

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:10.2.1

Trust: 1.0

vendor:f5model:big-ip wan optimization managerscope:eqversion:10.2.0

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:eqversion:11.2.0

Trust: 1.0

vendor:f5model:big-ip wan optimization managerscope:eqversion:10.0.0

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:eqversion:10.1.0

Trust: 1.0

vendor:f5model:big-ip protocol security modulescope:eqversion:11.3.0

Trust: 1.0

vendor:f5model:firepassscope:eqversion:6.0.2

Trust: 1.0

vendor:f5model:big-ip protocol security modulescope:eqversion:10.0.1

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:11.4.1

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:11.1.0

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:11.6.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:11.3.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:11.5.0

Trust: 1.0

vendor:f5model:big-iq devicescope:eqversion:4.2.0

Trust: 1.0

vendor:f5model:big-ip edge gatewayscope:eqversion:11.1.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:11.4.1

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:10.0.0

Trust: 1.0

vendor:f5model:big-ip protocol security modulescope:eqversion:10.2.4

Trust: 1.0

vendor:f5model:arxscope:eqversion:6.2.0

Trust: 1.0

vendor:f5model:big-ip wan optimization managerscope:eqversion:11.2.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:11.5.1

Trust: 1.0

vendor:f5model:big-ip wan optimization managerscope:eqversion:10.1.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:10.2.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:11.6.0

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:11.0.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:11.4.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:11.0.0

Trust: 1.0

vendor:f5model:enterprise managerscope:eqversion:3.1.1

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:eqversion:11.1.0

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:11.5.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:11.2.0

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:10.1.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:10.1.0

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:eqversion:10.2.0

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:11.5.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:11.2.0

Trust: 1.0

vendor:f5model:arxscope:eqversion:6.3.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:10.1.0

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:11.4.1

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:10.2.3

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:10.2.3

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:11.0.0

Trust: 1.0

vendor:f5model:big-ip wan optimization managerscope:eqversion:11.1.0

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:11.5.1

Trust: 1.0

vendor:f5model:big-ip edge gatewayscope:eqversion:11.0.0

Trust: 1.0

vendor:f5model:big-ip protocol security modulescope:eqversion:11.4.1

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:10.2.2

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:11.4.0

Trust: 1.0

vendor:f5model:arxscope:eqversion:6.1.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:10.2.2

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:11.4.1

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:11.6.0

Trust: 1.0

vendor:f5model:enterprise managerscope:eqversion:2.2.0

Trust: 1.0

vendor:f5model:big-ip protocol security modulescope:eqversion:10.0.0

Trust: 1.0

vendor:f5model:big-ip protocol security modulescope:eqversion:11.4.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:11.1.0

Trust: 1.0

vendor:f5model:big-iq securityscope:eqversion:4.3.0

Trust: 1.0

vendor:f5model:enterprise managerscope:eqversion:3.0.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:11.4.0

Trust: 1.0

vendor:f5model:enterprise managerscope:eqversion:3.1.0

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:eqversion:11.0.0

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:11.5.1

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:11.1.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:11.5.1

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:10.2.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:10.2.0

Trust: 1.0

vendor:f5model:firepassscope:eqversion:6.0.0

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:11.4.0

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:11.3.0

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:10.2.1

Trust: 1.0

vendor:f5model:big-ip protocol security modulescope:eqversion:11.2.0

Trust: 1.0

vendor:f5model:big-ip edge gatewayscope:eqversion:10.2.2

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:10.2.1

Trust: 1.0

vendor:f5model:big-ip protocol security modulescope:eqversion:10.1.0

Trust: 1.0

vendor:f5model:firepassscope:eqversion:6.0.1

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:11.5.0

Trust: 1.0

vendor:f5model:big-ip wan optimization managerscope:eqversion:11.0.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:11.5.0

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:11.6.0

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:eqversion:10.2.3

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:11.2.1

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:11.2.1

Trust: 1.0

vendor:f5model:big-iq cloudscope:eqversion:4.3.0

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:11.2.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:11.5.0

Trust: 1.0

vendor:f5model:big-ip wan optimization managerscope:eqversion:11.2.1

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:eqversion:10.2.2

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:11.3.0

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:11.0.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:11.3.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:11.0.0

Trust: 1.0

vendor:f5model:big-iq securityscope:eqversion:4.0.0

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:10.0.1

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:10.0.1

Trust: 1.0

vendor:f5model:big-ip protocol security modulescope:eqversion:11.1.0

Trust: 1.0

vendor:f5model:big-ip wan optimization managerscope:eqversion:10.2.3

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:11.0.0

Trust: 1.0

vendor:f5model:enterprise managerscope:eqversion:2.1.0

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:11.2.1

Trust: 1.0

vendor:f5model:firepassscope:eqversion:6.0.3

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:10.2.4

Trust: 1.0

vendor:f5model:big-ip wan optimization managerscope:eqversion:10.2.2

Trust: 1.0

vendor:f5model:big-ip protocol security modulescope:eqversion:10.2.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:10.2.4

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:11.2.1

Trust: 1.0

vendor:f5model:big-ip edge gatewayscope:eqversion:11.2.1

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:11.5.1

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:11.1.0

Trust: 1.0

vendor:f5model:big-ip wan optimization managerscope:eqversion:10.2.4

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:eqversion:11.5.0

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:eqversion:10.2.1

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:11.3.0

Trust: 1.0

vendor:f5model:big-iq devicescope:eqversion:4.3.0

Trust: 1.0

vendor:f5model:big-ip edge gatewayscope:eqversion:11.3.0

Trust: 1.0

vendor:f5model:big-ip edge gatewayscope:eqversion:11.2.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:10.2.3

Trust: 1.0

vendor:f5model:big-ip edge gatewayscope:eqversion:10.2.3

Trust: 1.0

vendor:f5model:big-iq cloudscope:eqversion:4.0.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:10.2.2

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:eqversion:11.2.1

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:eqversion:11.5.0

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:11.6.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:10.2.2

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:11.6.0

Trust: 1.0

vendor:f5model:arxscope:eqversion:6.4.0

Trust: 1.0

vendor:f5model:big-ip wan optimization managerscope:eqversion:10.2.1

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:10.2.4

Trust: 1.0

vendor:f5model:big-ip edge gatewayscope:eqversion:10.2.4

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:eqversion:11.3.0

Trust: 1.0

vendor:f5model:big-ip protocol security modulescope:eqversion:11.0.0

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:eqversion:10.0.1

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:11.4.1

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:11.4.1

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:11.5.1

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:10.0.0

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:11.4.0

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:eqversion:10.2.4

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:10.0.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:11.4.0

Trust: 1.0

vendor:f5model:arxscope:eqversion:6.0.0

Trust: 1.0

vendor:f5model:big-ip wan optimization managerscope:eqversion:11.3.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:10.2.1

Trust: 1.0

vendor:f5model:big-ip protocol security modulescope:eqversion:10.2.3

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:11.2.1

Trust: 1.0

vendor:f5model:big-ip wan optimization managerscope:eqversion:10.0.1

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:11.2.1

Trust: 1.0

vendor:f5model:big-iq securityscope:eqversion:4.2.0

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:11.4.1

Trust: 1.0

vendor:f5model:big-ip protocol security modulescope:eqversion:10.2.2

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:11.2.0

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:11.5.1

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:10.1.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:11.2.0

Trust: 1.0

vendor:f5model:big-iq securityscope:eqversion:4.1.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:10.1.0

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:11.3.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:11.3.0

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:10.2.3

Trust: 1.0

vendor:f5model:firepassscope:eqversion:7.0.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:10.2.3

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:11.4.0

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:10.0.1

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:11.4.1

Trust: 1.0

vendor:f5model:firepassscope:eqversion:6.1.0

Trust: 1.0

vendor:f5model:enterprise managerscope:eqversion:2.3.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:eqversion:11.3.0

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:11.5.1

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:10.2.2

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:eqversion:11.4.0

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:11.6.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:11.6.0

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:eqversion:10.2.4

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:eqversion:10.2.4

Trust: 1.0

vendor:f5model:big-iq cloudscope:eqversion:4.2.0

Trust: 1.0

vendor:f5model:big-ip analyticsscope:eqversion:11.2.0

Trust: 1.0

vendor:f5model:arxscope:eqversion:6.1.1

Trust: 1.0

vendor:f5model:big-ip protocol security modulescope:eqversion:10.2.1

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:eqversion:10.0.0

Trust: 1.0

vendor:f5model:big-ip link controllerscope:eqversion:11.1.0

Trust: 1.0

vendor:f5model:big-iq cloudscope:eqversion:4.1.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:eqversion:11.1.0

Trust: 1.0

vendor:f5model:big-ipscope:eqversion:access policy manager 11.0.0 to 11.5.1

Trust: 0.8

vendor:f5model:big-ipscope:eqversion:advanced firewall manager 11.3.0 to 11.5.1

Trust: 0.8

vendor:f5model:big-ipscope:eqversion:analytics 11.0.0 to 11.5.1

Trust: 0.8

vendor:f5model:big-ipscope:eqversion:application acceleration manager 11.4.0 to 11.5.1

Trust: 0.8

vendor:f5model:big-ipscope:eqversion:application security manager 11.0.0 to 11.5.1

Trust: 0.8

vendor:f5model:big-ipscope:eqversion:edge gateway 11.0.0 to 11.3.0

Trust: 0.8

vendor:f5model:big-ipscope:eqversion:global traffic manager 11.0.0 to 11.5.1

Trust: 0.8

vendor:f5model:big-ipscope:eqversion:link controller 11.0.0 to 11.5.1

Trust: 0.8

vendor:f5model:big-ipscope:eqversion:local traffic manager 11.0.0 to 11.5.1

Trust: 0.8

vendor:f5model:big-ipscope:eqversion:policy enforcement manager 11.3.0 to 11.5.1

Trust: 0.8

vendor:f5model:big-ipscope:eqversion:protocol security module 11.0.0 to 11.4.1

Trust: 0.8

vendor:f5model:big-ipscope:eqversion:wan optimization manager 11.0.0 to 11.3.0

Trust: 0.8

vendor:f5model:big-ipscope:eqversion:webaccelerator 11.0.0 to 11.3.0

Trust: 0.8

vendor:f5model:enterprise manager softwarescope:eqversion:3.0.0 to 3.1.1

Trust: 0.8

sources: JVNDB: JVNDB-2014-005048 // CNNVD: CNNVD-201408-492 // NVD: CVE-2014-2927

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-2927
value: HIGH

Trust: 1.0

NVD: CVE-2014-2927
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201408-492
value: CRITICAL

Trust: 0.6

VULHUB: VHN-70866
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2014-2927
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-70866
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-70866 // JVNDB: JVNDB-2014-005048 // CNNVD: CNNVD-201408-492 // NVD: CVE-2014-2927

PROBLEMTYPE DATA

problemtype:CWE-287

Trust: 1.9

sources: VULHUB: VHN-70866 // JVNDB: JVNDB-2014-005048 // NVD: CVE-2014-2927

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201408-492

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201408-492

CONFIGURATIONS

sources: JVNDB: JVNDB-2014-005048

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-70866

PATCH

title:SOL15236: ConfigSync IP Rsync full file system access vulnerabilityurl:https://support.f5.com/kb/en-us/solutions/public/15000/200/sol15236.html

Trust: 0.8

title:Hotfix-EM-3.1.1-68.0-HF4url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52009

Trust: 0.6

title:Hotfix-BIGIP-11.4.0-2440.0-HF7url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52004

Trust: 0.6

title:Hotfix-BIGIP-11.2.1-1292.0-HF11url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52002

Trust: 0.6

title:BIGIP-11.6.0.0.0.401url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52008

Trust: 0.6

title:Hotfix-BIGIP-11.3.0-3158.0-HF9url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52003

Trust: 0.6

title:Hotfix-BIGIP-11.5.1.3.0.131-HF3url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52007

Trust: 0.6

title:Hotfix-BIGIP-11.5.0.4.0.245-HF4url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52006

Trust: 0.6

title:Hotfix-BIGIP-11.4.1-647.0-HF4url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52005

Trust: 0.6

sources: JVNDB: JVNDB-2014-005048 // CNNVD: CNNVD-201408-492

EXTERNAL IDS

db:NVDid:CVE-2014-2927

Trust: 2.8

db:EXPLOIT-DBid:34465

Trust: 1.7

db:BIDid:69461

Trust: 1.0

db:JVNDBid:JVNDB-2014-005048

Trust: 0.8

db:CNNVDid:CNNVD-201408-492

Trust: 0.7

db:SEEBUGid:SSVID-87225

Trust: 0.1

db:VULHUBid:VHN-70866

Trust: 0.1

sources: VULHUB: VHN-70866 // BID: 69461 // JVNDB: JVNDB-2014-005048 // CNNVD: CNNVD-201408-492 // NVD: CVE-2014-2927

REFERENCES

url:https://support.f5.com/kb/en-us/solutions/public/15000/200/sol15236.html

Trust: 1.7

url:http://www.exploit-db.com/exploits/34465

Trust: 1.7

url:http://www.security-assessment.com/files/documents/advisory/f5_unauthenticated_rsync_access_to_remote_root_code_execution.pdf

Trust: 1.7

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2927

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-2927

Trust: 0.8

url:http://www.securityfocus.com/bid/69461

Trust: 0.6

sources: VULHUB: VHN-70866 // JVNDB: JVNDB-2014-005048 // CNNVD: CNNVD-201408-492 // NVD: CVE-2014-2927

CREDITS

Thomas Hibbert

Trust: 0.9

sources: BID: 69461 // CNNVD: CNNVD-201408-492

SOURCES

db:VULHUBid:VHN-70866
db:BIDid:69461
db:JVNDBid:JVNDB-2014-005048
db:CNNVDid:CNNVD-201408-492
db:NVDid:CVE-2014-2927

LAST UPDATE DATE

2025-04-13T23:10:06.853000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-70866date:2015-01-26T00:00:00
db:BIDid:69461date:2015-03-19T09:31:00
db:JVNDBid:JVNDB-2014-005048date:2014-10-28T00:00:00
db:CNNVDid:CNNVD-201408-492date:2014-10-16T00:00:00
db:NVDid:CVE-2014-2927date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:VULHUBid:VHN-70866date:2014-10-15T00:00:00
db:BIDid:69461date:2014-08-28T00:00:00
db:JVNDBid:JVNDB-2014-005048date:2014-10-28T00:00:00
db:CNNVDid:CNNVD-201408-492date:2014-08-28T00:00:00
db:NVDid:CVE-2014-2927date:2014-10-15T14:55:06.743