Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions
Custom Alert Banner

Are you an expert?    Interested in presenting at F5 AppWorld 2024?    Submit a proposal by Nov 29th!

01020036:3: The requested database variable (icontrol.basic_auth) was not found

Bryan_T_
MVP
MVP

‎18-Nov-2022 06:40

I'm trying to mitigate the SOAP vulnerability that just came out here:

https://support.f5.com/csp/article/K94221585

I get the below error. Any ideas?

[root@bigip1:Active:In Sync] config # tmsh modify sys db icontrol.basic_auth value disable
01020036:3: The requested database variable (icontrol.basic_auth) was not found.

Thanks

 

 

Labels:
0 Kudos
3 REPLIES 3

Enes_Afsin_Al
MVP
MVP

‎18-Nov-2022 07:11

Hi Bryan_T_,

This feature will be available in fixed versions.

To eliminate this vulnerability in the BIG-IP system, after installing a version listed in the Fixes introduced in column, you must disable Basic Authentication for iControl SOAP.

 

0 Kudos

Samir
MVP
MVP

‎19-Nov-2022 00:58

Which version of F5 you are running? You can verify the httpd.basic_auth  with these comamnd. 

BASH Mode command
getdb httpd.basic_auth

TMSH Mode command
tmsh list sys db httpd.basic_auth

If these are enabled then take recommended action based on f5

https://support.f5.com/csp/article/K94221585

Thank you

0 Kudos

Bryan_T_
MVP
MVP
In response to Samir

‎21-Nov-2022 06:52

root@(bigip1)(cfg-sync Changes Pending)(Active)(/Common)(tmos)# list sys db httpd.basic_auth
sys db httpd.basic_auth {
value "enable"
}
root@(bigip1)(cfg-sync Changes Pending)(Active)(/Common)(tmos)# quit
[root@bigip1:Active:Changes Pending] config # list sys db httpd.basic_auth
-bash: list: command not found
[root@bigip1:Active:Changes Pending] config #

 

0 Kudos
Copyright © 2023 Khoros, LLC