Security Advisory Description
When TACACS+ audit forwarding is configured on a BIG-IP or BIG-IQ system, shared secret is logged in plaintext in the audit log. (CVE-2023-43485)
Impact
An authenticated attacker with at least auditor role privileges can view shared secret. There is no data plane exposure; this is a control plane issue only.