Last Modified: Jun 30, 2025
Affected Product(s):
F5OS F5OS-A, Velos
Known Affected Versions:
F5OS-A 1.5.2, F5OS-C 1.6.2
Fixed In:
F5OS-C 1.8.0, F5OS-A 1.8.0, F5OS-A 1.5.3
Opened: Jan 30, 2024 Severity: 2-Critical
The first SSH login after editing role-based privileges for a remote RADIUS or TACACS+ user will still give the user their prior privileges (or, if the user is newly created, login will be rejected with a message saying "This account is currently not available"). Subsequent logins will apply the updated user privileges.
First login to system after creation fails, or first login after modification of user privileges gives the user incorrect privileges.
1. RADIUS or TACACS+ Authentication is enabled. 2. A new user is created in one of the above auth systems, or an existing user’s role-based access is modified. 3. The affected user SSHs into F5OS for the first time after the change in step #2.
None
Fix issue where first SSH login after editing remote RADIUS or TACACS+ user privileges will still apply old privileges.