Last Modified: Oct 21, 2024
Affected Product(s):
F5OS Velos
Fixed In:
F5OS-C 1.6.2, F5OS-A 1.8.0, F5OS-A 1.5.2
Opened: Aug 21, 2023 Severity: 1-Blocking
If you create a remote user on the RADIUS, TACACS+, or LDAP servers with the same username as a local F5OS user, the remote user will be granted the local user's roles upon authentication.
Remote user will take the local user's privileges.
A remote user is created with the same username as a local user and remote authentication is enabled.
Do not create a remote user with the same username as the local user. If you have created already, change the username for either the local user or the remote user.
If a remote user is created with the same username as a local user, the remote user's authentication will be rejected. Only the local user will have access to the F5OS system.