Cisco Bug: CSCul84317 - Service-Type not respected for some authorization exec LOCAL configs
Apr 16, 2020
- Cisco ASA 5500-X Series Firewalls
Known Affected Releases
Symptoms: The Service-Type attribute is ignored when `aaa authorization exec LOCAL` is configured and the authentication server is not LDAP, TACACS , RADIUS or LOCAL. Conditions: Administrative authentication configured in a manner similar to: aaa authentication enable console kerberos-server-group aaa authorization exec LOCAL username restricted-admin attributes service-type nas-prompt This also applies to all other forms of admin authentication (ssh and telnet).
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases