Bug ID 1132733: LDAP config tried to configure blank bind password

Last Modified: Jul 09, 2024

Affected Product(s):
F5OS Velos(all modules)

Known Affected Versions:
F5OS-A 1.1.1, F5OS-C 1.5.0, F5OS-C 1.5.1

Fixed In:
F5OS-C 1.6.0, F5OS-A 1.4.0, F5OS-A 1.3.0

Opened: Jul 28, 2022

Severity: 2-Critical

Symptoms

When using the CLI or older webUI, it was possible to enter an "empty" password. This would cause nslcd to be incorrectly configured.

Impact

A blank password was highly unlikely to be the intended result and would fail to work correctly when configuring authentication or talking to the LDAP server.

Conditions

LDAP configured. Blank LDAP bind password entered: system aaa authentication ldap bindpw ""

Workaround

Explicitly set the bind password to unset: no system aaa authentication ldap bindpw

Fix Information

Fixed authentication so any form of "empty" password results in the password being unset.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips