SNMP may expose sensitive configuration objects over insecure transmission channels. This issue is exposed when a passphrase is used with various profile types and is accessed using SNMPv2. (CVE-2019-6613)
Impact
An attacker with direct SNMP access to a BIG-IP system or an attacker with a privileged network position (Man-in-the-Middle) may be able to obtain the passphrases used within configuration profiles. Default configurations would not expose this issue, as remote SNMP access is disallowed by default.