Description
On BIG-IP 14.0.x, 13.x, 12.x, and 11.x, Enterprise Manager 3.1.1, BIG-IQ 6.x, 5.x, and 4.x, and iWorkflow 2.x, the passphrases for SNMPv3 users and trap destinations that are used for authentication and privacy are not handled by the BIG-IP system Secure Vault feature; they are written in the clear to the various configuration files.
Published: 2018-12-12
Score: 7.5 High
EPSS: 2.2% Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2018-7206 On BIG-IP 14.0.x, 13.x, 12.x, and 11.x, Enterprise Manager 3.1.1, BIG-IQ 6.x, 5.x, and 4.x, and iWorkflow 2.x, the passphrases for SNMPv3 users and trap destinations that are used for authentication and privacy are not handled by the BIG-IP system Secure Vault feature; they are written in the clear to the various configuration files.
History

No history.

Subscriptions

F5 Big-ip Access Policy Manager Big-ip Advanced Firewall Manager Big-ip Analytics Big-ip Application Acceleration Manager Big-ip Application Security Manager Big-ip Domain Name System Big-ip Edge Gateway Big-ip Fraud Protection Service Big-ip Global Traffic Manager Big-ip Link Controller Big-ip Local Traffic Manager Big-ip Policy Enforcement Manager Big-ip Webaccelerator Big-iq Centralized Management Enterprise Manager Iworkflow
cve-icon MITRE

Status: PUBLISHED

Assigner: f5

Published:

Updated: 2024-08-05T09:54:01.940Z

Reserved: 2018-08-14T00:00:00.000Z

Link: CVE-2018-15328

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-12-12T14:29:00.227

Modified: 2024-11-21T03:50:34.407

Link: CVE-2018-15328

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses