Last Modified: Jun 25, 2026
Affected Product(s):
F5OS F5OS, F5OS-A, F5OS-C
Known Affected Versions:
F5OS-A 1.8.0, F5OS-A 1.8.1, F5OS-A 1.8.2, F5OS-A 1.8.3, F5OS-A 1.8.4, F5OS-C 1.8.0, F5OS-C 1.8.1, F5OS-C 1.8.2
Opened: Sep 22, 2025 Severity: 3-Major
When using an affected version of F5OS, TACACS users may successfully authenticate; however, the GUI session closes immediately, and any requests return a 401 error. The following error message is observed: ERROR: PAM validation failed: User role modified
TACACS users are unable to log into the F5OS GUI. Authentication succeeds, but authorization fails, resulting in immediate session termination and a 401 error. SSH access is unaffected.
-- Occurs on F5OS-A (rSeries) and F5OS-C (VELOS) platforms running version 1.8.x. -- TACACS server configuration includes a home directory attribute (F5-F5OS-HOMEDIR) with a trailing space (e.g., "/tmp ").
-- Remove any trailing spaces from the F5-F5OS-HOMEDIR attribute in the TACACS server configuration. -- Ensure all TACACS attributes are formatted correctly without extra whitespace.
None