Forum Discussion

Bryan_T_
Nov 18, 2022

01020036:3: The requested database variable (icontrol.basic_auth) was not found

I'm trying to mitigate the SOAP vulnerability that just came out here:

https://support.f5.com/csp/article/K94221585

I get the below error. Any ideas?

[root@bigip1:Active:In Sync] config # tmsh modify sys db icontrol.basic_auth value disable
01020036:3: The requested database variable (icontrol.basic_auth) was not found.

Thanks

 

 

  • Hi Bryan_T_,

    This feature will be available in fixed versions.

    To eliminate this vulnerability in the BIG-IP system, after installing a version listed in the Fixes introduced in column, you must disable Basic Authentication for iControl SOAP.


     

  • Which version of F5 are you running? You can verify httpd.basic_auth with these commands.

    BASH Mode command
    getdb httpd.basic_auth
    
    TMSH Mode command
    tmsh list sys db httpd.basic_auth

    If these are enabled, then take the recommended action based on F5:

    https://support.f5.com/csp/article/K94221585

    Thank you

    • root@(bigip1)(cfg-sync Changes Pending)(Active)(/Common)(tmos)# list sys db httpd.basic_auth
      sys db httpd.basic_auth {
      value "enable"
      }
      root@(bigip1)(cfg-sync Changes Pending)(Active)(/Common)(tmos)# quit
      [root@bigip1:Active:Changes Pending] config # list sys db httpd.basic_auth
      -bash: list: command not found
      [root@bigip1:Active:Changes Pending] config #
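
The check-then-disable sequence discussed in this thread, as an added example that is not part of the original posts or of F5's article: it classifies the result of querying icontrol.basic_auth and prints the matching next step. It assumes `tmsh list sys db icontrol.basic_auth` prints the same `value "..."` layout shown above for httpd.basic_auth and returns the same 01020036:3 error when the variable is absent; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (assumptions: output layout and error text as seen in this thread).

# Read the combined stdout/stderr of the tmsh query on stdin and print one of:
# missing | enabled | disabled | unknown
classify_basic_auth() {
    out=$(cat)
    case "$out" in
        *"01020036:3"*"was not found"*) echo "missing" ;;   # variable not in this build
        *'value "disable"'*)            echo "disabled" ;;
        *'value "enable"'*)             echo "enabled" ;;
        *)                              echo "unknown" ;;
    esac
}

# Map a state to the action described in the thread and in K94221585.
next_step() {
    case "$1" in
        missing)  echo "install a version from the 'Fixes introduced in' column, then re-check" ;;
        enabled)  echo "run: tmsh modify sys db icontrol.basic_auth value disable" ;;
        disabled) echo "nothing to do" ;;
        *)        echo "inspect the tmsh output manually" ;;
    esac
}

# Query the running system and report; with --apply, disable when the variable exists.
audit_basic_auth() {
    state=$(tmsh list sys db icontrol.basic_auth 2>&1 | classify_basic_auth)
    echo "icontrol.basic_auth: $state -> $(next_step "$state")"
    if [ "${1:-}" = "--apply" ] && [ "$state" = "enabled" ]; then
        tmsh modify sys db icontrol.basic_auth value disable
        # Re-read the value so the change is confirmed rather than assumed.
        tmsh list sys db icontrol.basic_auth 2>&1 | classify_basic_auth
    fi
}

# Only touch the system when tmsh is actually present (i.e. on a BIG-IP).
if command -v tmsh >/dev/null 2>&1; then
    audit_basic_auth "${1:-}"
fi
```

Run from the BIG-IP bash prompt; the `tmsh` prefix is what the bare `list` at the bash prompt above is missing.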