Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP LTM
Known Affected Versions:
10.1.0, 10.2.0, 10.2.1, 10.2.2, 10.2.3, 10.2.4, 11.0.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 11.5.1 HF1, 11.6.1 HF1, 11.5.1 HF2, 11.6.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.1 HF10, 11.5.1 HF11, 11.5.2 HF1, 11.6.2 HF1, 11.5.3 HF1, 11.5.3 HF2, 11.5.4 HF1, 11.5.4 HF2, 11.5.4 HF3, 11.5.4 HF4, 11.1.0, 11.2.0, 11.2.1, 11.3.0, 11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.5.9, 11.5.10
Fixed In:
11.6.0
Opened: Jun 11, 2013 Severity: 2-Critical Related Article:
K14743
Creating or modifying SNMP v3 users using the GUI or tmsh adds passwords in plain text to the /config/net-snmp/snmpd.conf file.
SNMP v3 user passwords are visible to those with root read access on the BIG-IP system until you run bigstart restart to restart the snmp process.
You have created or modified an SNMP v3 user using the GUI or with the command 'tmsh modify sys snmp users ...'
Run the command 'bigstart restart snmp' to restart snmp after creating or modifying SNMP v3 users. This results in encrypted passwords in the file.
Creating or modifying SNMP v3 users using the GUI or tmsh no longer adds passwords in plain text to the /config/net-snmp/snmpd.conf file. Now, passwords are encrypted.