Last Modified: Mar 21, 2019
Affected Product:
See more info
BIG-IP TMOS
Known Affected Versions:
11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 11.6.1, 11.6.1 HF1, 11.6.1 HF2, 11.6.2, 11.6.2 HF1, 11.6.3, 11.6.3.1, 11.6.3.2, 11.6.3.3, 11.6.3.4, 11.6.4
Fixed In:
13.0.0
Opened: Mar 10, 2016
Severity: 3-Major
When setting up SO (security officer) password using "tmsh run util fips-util -f init", it accepts the password containing "\" without showing problems. However, card-sync will fail since it can't properly log on the fips with the password.
A password containing '\' will fail the card-sync process in FIPS HA setup.
FIPS card with a security officer that contains "\"
Reset the password using command "tmsh run util fips-util -f init" and avoid the special character '\'.
The fix makes fips (ngfips) able to properly handle "\" in the SO (security officer) password so that card-sync won't fail due to it.