Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP All
Known Affected Versions:
11.3.0, 11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.5.9, 11.5.10, 11.6.0, 11.6.1, 11.6.2, 11.6.3, 11.6.3.1, 11.6.3.2, 11.6.3.3, 11.6.3.4, 11.6.4, 11.6.5, 11.6.5.1, 11.6.5.2, 11.6.5.3, 12.0.0, 12.0.0 HF1, 12.1.0 HF1, 12.0.0 HF2, 12.1.0 HF2, 12.0.0 HF3, 12.0.0 HF4, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2
Opened: Feb 04, 2015 Severity: 3-Major
Password-memory field of password policy is not enforced. That is, when the password-memory field is set to some nonzero value, users may change their passwords to any value that is accepted by the rest of the password policy, even if they have used those values previously within the time frame specified by password-memory.
This element of the password-policy is not enforced. This is intended behavior.
Password-memory is set to some nonzero value in the password-policy.
None.
None