Last Modified: Oct 14, 2024
Affected Product(s):
F5OS Velos
Known Affected Versions:
F5OS-A 1.2.0, F5OS-A 1.3.0, F5OS-A 1.3.1, F5OS-A 1.3.2, F5OS-C 1.5.0, F5OS-C 1.5.1
Fixed In:
F5OS-C 1.6.0, F5OS-A 1.7.0, F5OS-A 1.5.0
Opened: Nov 03, 2022 Severity: 3-Major
System fails to change password and renders system in a degraded state where user management no longer works. System fails to provide proper user feedback to the user about failed password changes. As per testing, user password change either times out or fails with application communication failure, depending on 'system aaa password-policy config retries' value. When 'system aaa password-policy config retries 0' -> the error is "application timeout". When 'system aaa password-policy config retries 3' -> the error is "application communication failure".
F5OS user password cannot be changed.
This policy option is causing the problem: system aaa password-policy config retries 5
Do not change the configuration from default. system aaa password-policy config retries 5
N/A