Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The rsync daemon in F5 BIG-IP 11.6 before 11.6.0, 11.5.1 before HF3, 11.5.0 before HF4, 11.4.1 before HF4, 11.4.0 before HF7, 11.3.0 before HF9, and 11.2.1 before HF11 and Enterprise Manager 3.x before 3.1.1 HF2, when configured in failover mode, does not require authentication, which allows remote attackers to read or write to arbitrary files via a cmi request to the ConfigSync IP address.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
F5 BIG-IP和Enterprise Manager 代码注入漏洞
Vulnerability Description
F5 BIG-IP是美国F5公司的一款集成了网络流量管理、应用程序安全管理、负载均衡等功能的多合一网络设备。 F5 BIG-IP和Enterprise Manager的rsync守护进程中存在安全漏洞,该漏洞源于程序在故障转移模式中没有要求身份验证。远程攻击者可通过向ConfigSync IP地址发送cmi请求利用该漏洞读取或写入任意文件。以下产品和版本受到影响:F5 BIG-IP 11.6.0之前11.6版本,HF3之前11.5.1版本,HF4之前11.5.0版本,HF4之前11.4.1版本,HF7之前
CVSS Information
N/A
Vulnerability Type
N/A