Bug ID 1184821: Obscure crash in external authenticator

Last Modified: Dec 07, 2023

Affected Product(s):
F5OS F5OS(all modules)

Known Affected Versions:
F5OS-A 1.2.0

Fixed In:
F5OS-A 1.5.0, F5OS-A 1.4.0

Opened: Oct 31, 2022

Severity: 2-Critical

Symptoms

An unexpected sequence of characters in the username or password of an external login could cause a crash in the external authenticator.

Impact

The crash in these circumstances would prevent successful login. After analysis, it was deemed there was no security risk or exposure.

Conditions

Certain malformed usernames or passwords being used for external authentication.

Workaround

Use usernames and passwords for authentication via SSH or webUI that conform to the device username/password requirements.

Fix Information

The bug was fixed and a crash no longer occurs.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips