F5 Big-IP rsync vulnerability - full file system access

Vulnerability Overview


Difficulty of Exploitation: Low
Impact: High
Risk Score: 9/10

A critical vulnerability has been found within F5 Big IP products affecting any system running v11.0 - 11.5.1 not having the following updated hotfixes applied:

11.5.1 HF3
11.5.0 HF4
11.4.1 HF4
11.4.0 HF7
11.3.0 HF9
11.2.1 HF11

All such systems are particularly affected if rsync ports are open to the internet.


  • Verify that all systems have TCP port 873 closed to the internet
    • Check self IP settings
    • Port scan internet-facing self IPs
    • Check vendor instructions for full details
  • Apply the most up to date hotfixes to systems
  • If you have any questions regarding this vulnerability or recommended steps; please raise a case with RedShield for further assistance. 


Vendor Announcement:


All RedShield customers affected by this vulnerability have been notified. 

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request