F5 Networks BIG-IP : BIG-IP SNMP vulnerability (K42027747)
Medium Nessus Plugin ID 119635
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionThe passphrases for SNMPv3 users and trap destinations that are used forauthentication and privacy are not handled by the BIG-IP system Secure Vault feature; they are written in the clear to the various configuration files. (CVE-2018-15328)
Note : The BIG-IP system Secure Vault feature provides an additional layer of security to the BIG-IP system by encrypting passwords and passphrases, which the system stores in its configuration files. For more information, refer to K73034260: Overview of the BIG-IP system Secure Vault feature.
BIG-IP, BIG-IQ, F5 iWorkflow, and Enterprise Manager
This vulnerability may allow an attacker to use the clear text passphrases to compromise the SNMP monitoring devices.
There is no impact; this F5 product is not affected by this vulnerability.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5 Solution K42027747.