Last Modified: May 29, 2024
Affected Product(s):
F5OS F5OS, Velos
Known Affected Versions:
F5OS-A 1.4.0
Opened: Feb 02, 2023 Severity: 2-Critical
From the CLI, a user is able to create a new RADIUS server without configuring the "secret" option. This is a mandatory parameter; without it, the server will not work.
The RADIUS server will not work correctly.
A user creates a new RADIUS server group but does not configure the "secret" option. appliance-1(config)# system aaa server-groups server-group radius-example config name radius-example type RADIUS appliance-1(config-server-group-radius-example)# servers server 1.2.3.4 config address 1.2.3.4 appliance-1(config-server-1.2.3.4)# commit Commit complete.
If the RADIUS server is missing the "secret" option, a user can manually configure it from the CLI, even after it is created. appliance-1(config-server-1.2.3.4)# radius config secret-key (<AES encrypted string>): **** appliance-1(config-server-1.2.3.4)# commit Commit complete.
None