When TACACS+ audit forwarding is configured on BIG-IP or BIG-IQ system, sharedsecret is logged in plaintext in the audit log.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Wed, 18 Sep 2024 21:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: f5

Published:

Updated: 2024-09-18T20:34:33.426Z

Reserved: 2023-10-05T19:17:34.501Z

Link: CVE-2023-43485

cve-icon Vulnrichment

Updated: 2024-08-02T19:44:42.276Z

cve-icon NVD

Status : Modified

Published: 2023-10-10T13:15:21.590

Modified: 2024-11-21T08:24:08.163

Link: CVE-2023-43485

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.