← Back

CVE-2014-2927

nvd nist
Published: Oct 15, 2014Modified: May 6, 2026

JSON object

Loading...
9.3
Vector
AV:N/AC:M/Au:N/C:C/I:C/A:C
Exploitability: 8.6 / Impact: 10.0
Source: NVD

Description

The rsync daemon in F5 BIG-IP 11.6 before 11.6.0, 11.5.1 before HF3, 11.5.0 before HF4, 11.4.1 before HF4, 11.4.0 before HF7, 11.3.0 before HF9, and 11.2.1 before HF11 and Enterprise Manager 3.x before 3.1.1 HF2, when configured in failover mode, does not require authentication, which allows remote attackers to read or write to arbitrary files via a cmi request to the ConfigSync IP address.

Affected (195)

F5
19 products
Arx
Big Ip Access Policy Manager
Big Ip Advanced Firewall Manager
Big Ip Analytics
Big Ip Application Acceleration Manager
Big Ip Application Security Manager
Big Ip Edge Gateway
Big Ip Global Traffic Manager
Big Ip Link Controller
Big Ip Local Traffic Manager
Big Ip Policy Enforcement Manager
Big Ip Protocol Security Module
Big Ip Wan Optimization Manager
Big Ip Webaccelerator
Big Iq Cloud
Big Iq Device
Big Iq Security
Enterprise Manager
Firepass
Configuration A
195 vulnerable
Vulnerable SoftwareAffected Versions
F5
Arx
Version 6.0.0
Arx
Version 6.1.0
Arx
Version 6.1.1
Arx
Version 6.2.0
Arx
Version 6.3.0
Arx
Version 6.4.0
F5
Big Ip Access Policy Manager
Version 10.1.0
Big Ip Access Policy Manager
Version 10.2.0
Big Ip Access Policy Manager
Version 10.2.1
Big Ip Access Policy Manager
Version 10.2.2
Big Ip Access Policy Manager
Version 10.2.3
Big Ip Access Policy Manager
Version 10.2.4
Big Ip Access Policy Manager
Version 11.0.0
Big Ip Access Policy Manager
Version 11.1.0
Big Ip Access Policy Manager
Version 11.2.0
Big Ip Access Policy Manager
Version 11.2.1
Big Ip Access Policy Manager
Version 11.3.0
Big Ip Access Policy Manager
Version 11.4.0
Big Ip Access Policy Manager
Version 11.4.1
Big Ip Access Policy Manager
Version 11.5.0
Big Ip Access Policy Manager
Version 11.5.1
Big Ip Access Policy Manager
Version 11.6.0
F5
Big Ip Advanced Firewall Manager
Version 11.3.0
Big Ip Advanced Firewall Manager
Version 11.4.0
Big Ip Advanced Firewall Manager
Version 11.4.1
Big Ip Advanced Firewall Manager
Version 11.5.0
Big Ip Advanced Firewall Manager
Version 11.5.1
Big Ip Advanced Firewall Manager
Version 11.6.0
F5
Big Ip Analytics
Version 11.0.0
Big Ip Analytics
Version 11.1.0
Big Ip Analytics
Version 11.2.0
Big Ip Analytics
Version 11.2.1
Big Ip Analytics
Version 11.3.0
Big Ip Analytics
Version 11.4.0
Big Ip Analytics
Version 11.4.1
Big Ip Analytics
Version 11.5.0
Big Ip Analytics
Version 11.5.1
Big Ip Analytics
Version 11.6.0
F5
Big Ip Application Acceleration Manager
Version 11.4.0
Big Ip Application Acceleration Manager
Version 11.4.1
Big Ip Application Acceleration Manager
Version 11.5.0
Big Ip Application Acceleration Manager
Version 11.5.1
Big Ip Application Acceleration Manager
Version 11.6.0
F5
Big Ip Application Security Manager
Version 10.0.0
Big Ip Application Security Manager
Version 10.0.1
Big Ip Application Security Manager
Version 10.1.0
Big Ip Application Security Manager
Version 10.2.0
Big Ip Application Security Manager
Version 10.2.1
Big Ip Application Security Manager
Version 10.2.2
Big Ip Application Security Manager
Version 10.2.3
Big Ip Application Security Manager
Version 10.2.4
Big Ip Application Security Manager
Version 11.0.0
Big Ip Application Security Manager
Version 11.1.0
Big Ip Application Security Manager
Version 11.2.0
Big Ip Application Security Manager
Version 11.2.1
Big Ip Application Security Manager
Version 11.3.0
Big Ip Application Security Manager
Version 11.4.0
Big Ip Application Security Manager
Version 11.4.1
Big Ip Application Security Manager
Version 11.5.0
Big Ip Application Security Manager
Version 11.5.1
Big Ip Application Security Manager
Version 11.6.0
F5
Big Ip Edge Gateway
Version 10.1.0
Big Ip Edge Gateway
Version 10.2.0
Big Ip Edge Gateway
Version 10.2.1
Big Ip Edge Gateway
Version 10.2.2
Big Ip Edge Gateway
Version 10.2.3
Big Ip Edge Gateway
Version 10.2.4
Big Ip Edge Gateway
Version 11.0.0
Big Ip Edge Gateway
Version 11.1.0
Big Ip Edge Gateway
Version 11.2.0
Big Ip Edge Gateway
Version 11.2.1
Big Ip Edge Gateway
Version 11.3.0
F5
Big Ip Global Traffic Manager
Version 10.0.0
Big Ip Global Traffic Manager
Version 10.0.1
Big Ip Global Traffic Manager
Version 10.1.0
Big Ip Global Traffic Manager
Version 10.2.0
Big Ip Global Traffic Manager
Version 10.2.1
Big Ip Global Traffic Manager
Version 10.2.2
Big Ip Global Traffic Manager
Version 10.2.3
Big Ip Global Traffic Manager
Version 10.2.4
Big Ip Global Traffic Manager
Version 11.0.0
Big Ip Global Traffic Manager
Version 11.1.0
Big Ip Global Traffic Manager
Version 11.2.0
Big Ip Global Traffic Manager
Version 11.2.1
Big Ip Global Traffic Manager
Version 11.3.0
Big Ip Global Traffic Manager
Version 11.4.0
Big Ip Global Traffic Manager
Version 11.4.1
Big Ip Global Traffic Manager
Version 11.5.0
Big Ip Global Traffic Manager
Version 11.5.1
Big Ip Global Traffic Manager
Version 11.6.0
F5
Big Ip Link Controller
Version 10.0.0
Big Ip Link Controller
Version 10.0.1
Big Ip Link Controller
Version 10.1.0
Big Ip Link Controller
Version 10.2.0
Big Ip Link Controller
Version 10.2.1
Big Ip Link Controller
Version 10.2.2
Big Ip Link Controller
Version 10.2.3
Big Ip Link Controller
Version 10.2.4
Big Ip Link Controller
Version 11.0.0
Big Ip Link Controller
Version 11.1.0
Big Ip Link Controller
Version 11.2.0
Big Ip Link Controller
Version 11.2.1
Big Ip Link Controller
Version 11.3.0
Big Ip Link Controller
Version 11.4.0
Big Ip Link Controller
Version 11.4.1
Big Ip Link Controller
Version 11.5.0
Big Ip Link Controller
Version 11.5.1
Big Ip Link Controller
Version 11.6.0
F5
Big Ip Local Traffic Manager
Version 10.0.0
Big Ip Local Traffic Manager
Version 10.0.1
Big Ip Local Traffic Manager
Version 10.1.0
Big Ip Local Traffic Manager
Version 10.2.0
Big Ip Local Traffic Manager
Version 10.2.1
Big Ip Local Traffic Manager
Version 10.2.2
Big Ip Local Traffic Manager
Version 10.2.3
Big Ip Local Traffic Manager
Version 10.2.4
Big Ip Local Traffic Manager
Version 11.0.0
Big Ip Local Traffic Manager
Version 11.1.0
Big Ip Local Traffic Manager
Version 11.2.0
Big Ip Local Traffic Manager
Version 11.2.1
Big Ip Local Traffic Manager
Version 11.3.0
Big Ip Local Traffic Manager
Version 11.4.0
Big Ip Local Traffic Manager
Version 11.4.1
Big Ip Local Traffic Manager
Version 11.5.0
Big Ip Local Traffic Manager
Version 11.5.1
Big Ip Local Traffic Manager
Version 11.6.0
F5
Big Ip Policy Enforcement Manager
Version 11.3.0
Big Ip Policy Enforcement Manager
Version 11.4.0
Big Ip Policy Enforcement Manager
Version 11.4.1
Big Ip Policy Enforcement Manager
Version 11.5.0
Big Ip Policy Enforcement Manager
Version 11.5.1
Big Ip Policy Enforcement Manager
Version 11.6.0
F5
Big Ip Protocol Security Module
Version 10.0.0
Big Ip Protocol Security Module
Version 10.0.1
Big Ip Protocol Security Module
Version 10.1.0
Big Ip Protocol Security Module
Version 10.2.0
Big Ip Protocol Security Module
Version 10.2.1
Big Ip Protocol Security Module
Version 10.2.2
Big Ip Protocol Security Module
Version 10.2.3
Big Ip Protocol Security Module
Version 10.2.4
Big Ip Protocol Security Module
Version 11.0.0
Big Ip Protocol Security Module
Version 11.1.0
Big Ip Protocol Security Module
Version 11.2.0
Big Ip Protocol Security Module
Version 11.2.1
Big Ip Protocol Security Module
Version 11.3.0
Big Ip Protocol Security Module
Version 11.4.0
Big Ip Protocol Security Module
Version 11.4.1
F5
Big Ip Wan Optimization Manager
Version 10.0.0
Big Ip Wan Optimization Manager
Version 10.0.1
Big Ip Wan Optimization Manager
Version 10.1.0
Big Ip Wan Optimization Manager
Version 10.2.0
Big Ip Wan Optimization Manager
Version 10.2.1
Big Ip Wan Optimization Manager
Version 10.2.2
Big Ip Wan Optimization Manager
Version 10.2.3
Big Ip Wan Optimization Manager
Version 10.2.4
Big Ip Wan Optimization Manager
Version 11.0.0
Big Ip Wan Optimization Manager
Version 11.1.0
Big Ip Wan Optimization Manager
Version 11.2.0
Big Ip Wan Optimization Manager
Version 11.2.1
Big Ip Wan Optimization Manager
Version 11.3.0
F5
Big Ip Webaccelerator
Version 10.0.0
Big Ip Webaccelerator
Version 10.0.1
Big Ip Webaccelerator
Version 10.1.0
Big Ip Webaccelerator
Version 10.2.0
Big Ip Webaccelerator
Version 10.2.1
Big Ip Webaccelerator
Version 10.2.2
Big Ip Webaccelerator
Version 10.2.3
Big Ip Webaccelerator
Version 10.2.4
Big Ip Webaccelerator
Version 11.0.0
Big Ip Webaccelerator
Version 11.1.0
Big Ip Webaccelerator
Version 11.2.0
Big Ip Webaccelerator
Version 11.2.1
Big Ip Webaccelerator
Version 11.3.0
F5
Big Iq Cloud
Version 4.0.0
Big Iq Cloud
Version 4.1.0
Big Iq Cloud
Version 4.2.0
Big Iq Cloud
Version 4.3.0
F5
Big Iq Device
Version 4.2.0
Big Iq Device
Version 4.3.0
F5
Big Iq Security
Version 4.0.0
Big Iq Security
Version 4.1.0
Big Iq Security
Version 4.2.0
Big Iq Security
Version 4.3.0
F5
Enterprise Manager
Version 2.1.0
Enterprise Manager
Version 2.2.0
Enterprise Manager
Version 2.3.0
Enterprise Manager
Version 3.0.0
Enterprise Manager
Version 3.1.0
Enterprise Manager
Version 3.1.1
F5
Firepass
Version 6.0.0
Firepass
Version 6.0.1
Firepass
Version 6.0.2
Firepass
Version 6.0.3
Firepass
Version 6.1.0
Firepass
Version 7.0.0

Related CWEs

CWE-287
Improper Authentication
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

References (6)

Source: cret@cert.org
Exploit
Source: cret@cert.org
Exploit
Source: cret@cert.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.