Bug ID 780745: TMSH allows creation of duplicate community strings for SNMP v1/v2 access

Last Modified: May 29, 2024

Affected Product(s):
BIG-IP TMOS(all modules)

Known Affected Versions:
14.1.0,,,,,, 14.1.2,,,,,,,,, 14.1.3,, 14.1.4,,,,,,, 14.1.5,,,,,, 15.0.0, 15.0.1,,,,, 15.1.0,,,,,, 15.1.1, 15.1.2,, 15.1.3,, 15.1.4,, 15.1.5,, 15.1.6,, 15.1.7, 15.1.8,,, 15.1.9,, 15.1.10,,,

Opened: May 08, 2019

Severity: 3-Major


TMSH allows you to create multiple access records with the same IP protocol, same Source IP network, and same community string.


Unintended permissions can be provided when an undesired access record with the correct community string is matched to a request instead of the desired access record.


Duplicate access records are created in TMSH.


Use the Configuration Utility to manage SNMP v1/2c access records. (The GUI properly flags the error with the message: The specified SNMP community already exists in the database. If you use tmsh, ensure that community strings remain unique within each Source IP Network for each IP protocol.

Fix Information


Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips