11.5.4 HF4 - root password changed with localuser account

Question

Hey All,
My QA title says it all. I just ran into testing this, if a localuser account with admin role can change the root password. And yes it does.
passwd root
I thought it was a bug in the 11.5.4 HF2 alone. Is there an article on this.
Is this a normal behavior.

youssef1 · Answer

Hello,
A user with Administrator Role have a complete access to all objects on the system. He can create, delete, modify local users and can change root and admin password.
find below the kb that describe this:
If you have an Administrator user role, you can also change some properties of the root account. Specifically, you can change the password of the root account, and you can enable or disable access to the BIG-IP system through SSH.
https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/tmos-concepts-11-4-0/10.html
This is for 11.4 version but the behaviour don't change....
Regards

Forum Discussion

11.5.4 HF4 - root password changed with localuser account

1 Reply

Recent Discussions

Geo Fence in ASM through irule for URI

Client certificate Authentication - open multiple tabs

google autenticator broken barcode

Chrome V 124+ on MacOS - Virtual Server Access Issue

vulnerabilities (CVE-2020-36363), CVE-2016-0736,CVE-2019-6593-FOR VERSION BIGIP LTM-16.1.4

Related Content

BIGIQ/DCD and BIGIP Admin password change

APM Customization: Password Change Validation

Automate scp transfers using password

Password Safety & Security: Passwords vs. Passphrases

Authentication issue when changing password