Bug ID 781733: SNMPv3 user name configuration allows illegal names to be entered

Last Modified: Jun 13, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP TMOS(all modules)

Known Affected Versions:
13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 13.1.1.5, 14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4, 14.0.0.5, 14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.4, 14.1.0.5, 14.1.0.6, 15.0.0

Opened: May 13, 2019
Severity: 3-Major

Symptoms

The validation of SNMPv3 user names is not strict, and allows users of both the GUI and TMSH to enter badly formed user names. When the SNMP daemon reads these user names from the snmpd.conf file, validation rejects the names.

Impact

The user names are not accepted by the SNMP daemon when it reads the configuration from the snmpd.conf file.

Conditions

Poorly formed SNMPv3 user names can be entered into configuration, for example, names with embedded spaces.

Workaround

Use alphanumeric characters for SNMPv3 user names, and do not include embedded spaces in the names.

Fix Information

None

Behavior Change