Last Modified: Jun 04, 2025
Affected Product(s):
F5OS F5OS-A, F5OS-C
Known Affected Versions:
F5OS-A 1.1.0, F5OS-A 1.1.1, F5OS-C 1.3.2
Fixed In:
F5OS-C 1.8.0, F5OS-A 1.8.0
Opened: Aug 09, 2022 Severity: 3-Major
'system database config-restore' does not verify that the backup file is encrypted with the same database primary-key that is currently active on the device.
System will not operate properly because it will not be able to decode encrypted secrets that control certificates, private keys, and other items. Tenants will not operate properly.
Restoring a config-backup on a device with a different primary-key than when the backup was produced.
Ensure that a new config-backup is created after executing the "system aaa authentication primary-key set" command.
Config-restore fails is the database primary key does not match the config backup file, and reports the primary-key hash. Reset the primary-key to match the backup file in order to restore the backup file.