Last Modified: Jun 28, 2025
Affected Product(s):
BIG-IP LTM
Known Affected Versions:
15.1.2, 15.1.2.1, 15.1.3, 15.1.3.1, 15.1.4, 15.1.4.1, 15.1.5, 15.1.5.1, 15.1.6, 15.1.6.1, 15.1.7, 15.1.8, 15.1.8.1, 15.1.8.2, 15.1.9, 15.1.9.1, 15.1.10, 15.1.10.2, 15.1.10.3, 15.1.10.4, 15.1.10.5, 15.1.10.6, 16.1.0, 16.1.1, 16.1.2, 16.1.2.1, 16.1.2.2, 16.1.3, 16.1.3.1, 16.1.3.2, 16.1.3.3, 16.1.3.4, 16.1.3.5, 16.1.4, 16.1.4.1, 16.1.4.2, 16.1.4.3, 16.1.5, 16.1.5.1, 16.1.5.2, 16.1.6, 17.1.0, 17.1.0.1, 17.1.0.2, 17.1.0.3, 17.1.1, 17.1.1.1, 17.1.1.2, 17.1.1.3, 17.1.1.4, 17.1.2, 17.1.2.1, 17.1.2.2
Opened: Jul 29, 2021 Severity: 3-Major
TACACS account with a resource administrator role accessing Local Traffic››Virtual Servers: Virtual Server List››VS_NAME >> Security >> Policies throws an error on GUI, "An error has occurred when trying to process the request".
TACACS account remote user with resource administrator role is unable to access the security policy associated with the virtual server.
A remote user with a resource administrator role accessing a virtual server security policy
Then add the non-admin remote user account to this authz role. ############################################################# curl -sk -X PATCH 'https://<BIGIP>/mgmt/shared/authz/roles/iControl_REST_API_User' -H 'Authorization: Basic YWRtaW46ZjVzaXRlMDI=' -H 'Content-Type: application/json' -d '{ "userReferences": [ { "link": "https://localhost/mgmt/shared/authz/users/<non-admin-user-name>" } ] }' OR this from BIG-IP ################## restcurl -u admin:<admin-password> -X PATCH '/mgmt/shared/authz/roles/iControl_REST_API_User' -d '{ "userReferences": [ { "link": "https://localhost/mgmt/shared/authz/users/<non-admin-user-name>" } ] }'
None