The passphrases for SNMPv3 users and trap destinations that are used for authentication and privacy are not handled by the BIG-IP system Secure Vault feature; they are written in the clear to the various configuration files. (CVE-2018-15328)
Note: The BIG-IP system Secure Vault feature provides an additional layer of security to the BIG-IP system by encrypting passwords and passphrases, which the system stores in its configuration files. For more information, refer to K73034260: Overview of the BIG-IP system Secure Vault feature.
Impact
BIG-IP, BIG-IQ, F5 iWorkflow, and Enterprise Manager
This vulnerability may allow an attacker to use the clear text passphrases to compromise the SNMP monitoring devices.
Traffix SDC
There is no impact; this F5 product is not affected by this vulnerability.