Last Modified: Jun 04, 2025
Affected Product(s):
F5OS F5OS
Known Affected Versions:
F5OS-A 1.1.0, F5OS-A 1.1.1, F5OS-A 1.2.0
Fixed In:
F5OS-C 1.6.0, F5OS-A 1.4.0
Opened: Jun 21, 2022 Severity: 3-Major
F5OS by default enables basic authentication, meaning it allows users to perform create/modify/delete Restconf operations using basic authentication.
This basic authentication violates some of the customer security policies.
This is observed when the user tries to perform Restconf operations(except initial login) on F5OS using a username/password (basic authentication).
N/A
None