CVE-2018-15328

Published: Dec 12, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

On BIG-IP 14.0.x, 13.x, 12.x, and 11.x, Enterprise Manager 3.1.1, BIG-IQ 6.x, 5.x, and 4.x, and iWorkflow 2.x, the passphrases for SNMPv3 users and trap destinations that are used for authentication and privacy are not handled by the BIG-IP system Secure Vault feature; they are written in the clear to the various configuration files.

Vendor	Product	Versions
F5 Networks, Inc.	BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator), Enterprise Manager, BIG-IQ Centralized Management, F5 iWorkflow	affected `BIG-IP 14.0.x, 13.x, 12.x, 11.x` affected `EM 3.1.1` affected `BIG-IQ 6.x, 5.x, 4.x` affected `iWorkflow 2.x`

References

106258

vdb-entry

x_refsource_BID

https://support.f5.com/csp/article/K42027747

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-15328

Description

Affected Products

References