01020036:3: The requested database variable (icontrol.basic_auth) was not found

Question

I'm trying to mitigate the SOAP vulnerability that just came out here:

https://support.f5.com/csp/article/K94221585

I get the below error. Any ideas?

[root@bigip1:Active:In Sync] config # tmsh modify sys db icontrol.basic_auth value disable
01020036:3: The requested database variable (icontrol.basic_auth) was not found.

Thanks

enes_afsin_al · Answer

Hi Bryan_T_,
This feature will be available in fixed versions.

To eliminate this vulnerability in the BIG-IP system, after installing a version listed in the Fixes introduced in column, you must disable Basic Authentication for iControl SOAP.

&nbsp;

samir · Answer

Which version of F5 you are running? You can verify the&nbsp;httpd.basic_auth&nbsp; with these comamnd.&nbsp;BASH Mode command
getdb httpd.basic_auth

TMSH Mode command
tmsh list sys db httpd.basic_authIf these are enabled then take recommended action based on f5https://support.f5.com/csp/article/K94221585Thank you

bryan_t_ · Answer

root@(bigip1)(cfg-sync Changes Pending)(Active)(/Common)(tmos)# list sys db httpd.basic_auth
sys db httpd.basic_auth {
value "enable"
}
root@(bigip1)(cfg-sync Changes Pending)(Active)(/Common)(tmos)# quit
[root@bigip1:Active:Changes Pending] config # list sys db httpd.basic_auth
-bash: list: command not found
[root@bigip1:Active:Changes Pending] config #

Forum Discussion

01020036:3: The requested database variable (icontrol.basic_auth) was not found

3 Replies

Recent Discussions

F5 loadbalancer not working

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Pricing when used with aws waf

F5 terminal - help to run commands - disk space full

import live updates from version x to version y

Related Content

Distributed caching of authentication requests with NGINX Ingress Controller

Logging DNS Requests

F5 AWAF - bypass request based on the pressence of a request header - value

Using Client Subnet in DNS Requests

Large payload post requests aren't responding