BugZero | Cisco BugID CSCwk25182 - C9800 Password Policy alert while login GUI using ...

Cisco - Defect ID: CSCwk25182

C9800 Password Policy alert while login GUI using tacacs credential after upgrade to 17.14.x

Cisco - Defect ID: CSCwk25182

C9800 Password Policy alert while login GUI using tacacs credential after upgrade to 17.14.x

Last updated on December 31st, 2025

BugZero Risk Score
6.1 Medium

Overall: 6.1

Severity: 6.4

Lifecycle: 9.1

Popularity: 5.1

What is the BugZero Risk Score?

Cisco Integration

Learn more about where this data comes from

Cisco Integration

Learn more

Bug Scrub Advisor

Streamline upgrades with automated vendor bug scrubs

Bug Scrub Advisor

Learn more

BugZero Enterprise

Wish you caught this bug sooner? Get proactive today.

BugZero Enterprise

Learn more

Bug Details

Views: 1

Description

General

Need to justify if C9800 local Password Policy is relate /not relate to tacacs credential

Symptom

The below error pop-up window while login GUI of the controller using tacacs credential "Password lifetime has not been configured for your ID. It is recommended to set the password expiry period. Contact your network administrator" SSH should work normal for same tacacs user without any alert.

Conditions

-No local password policy config on the C9800. -Message pop-up while Tacacs access to C9800. -The C9800 should be 17.14.x or later version. -However, taking ssh to C9800 with same tacacs creds working normal without any password policy alert.

Workaround

1. Selecting "Don’t show this message again" in the pop-up window possibly could remove this alert for that tacacs users. 2. Configuring Password Policy (GUI > Configuration > AAA > AAA advanced > Password Policy) could remove this alert. Note: Workaround #2, Configuring Password Policy does NOT apply to AAA configured users (e.g TACACS/Radius or OTP)

Further Problem Description

Why this pop-up while GUI access using tacacs users where customer have separate password policy managed by tacacs server.

Change history

2025-12-31 Added: 17.12.3, 17.14.1

Relevant Products

Click on a version to see all relevant bugs

Affected versions:17.12.3, 17.14.1

Fixed versions: 17.12.4, 17.12.4a, 17.12.4b, 17.12.5, 17.12.5a, 17.12.5b, 17.12.5c, 17.12.5d, 17.12.6, 17.12.6a, 17.15.1, 17.15.1a, 17.15.1b, 17.15.1w, 17.15.1x, 17.15.1y, 17.15.1z, 17.15.2, 17.15.2a, 17.15.2b, 17.15.2c, 17.15.3, 17.15.3a, 17.15.3b, 17.15.4, 17.15.4a, 17.15.4b, 17.15.4c, 17.15.4d, 17.15.4s1, 17.16.1, 17.16.1a, 17.17.1, 17.18.1, 17.18.1a, 17.18.1w, 17.18.2, 17.9.6, 17.9.6a, 17.9.6b, 17.9.7, 17.9.7a, 17.9.7b, 17.9.8

Relevant Products

Click on a version to see all relevant bugs

Affected versions:17.12.3, 17.14.1

Top Cisco Defects

No bugs this month

Ready to prevent the next vendor outage?

Get a demo

Cisco - Defect ID: CSCwk25182

C9800 Password Policy alert while login GUI using tacacs credential after upgrade to 17.14.x

Cisco - Defect ID: CSCwk25182

C9800 Password Policy alert while login GUI using tacacs credential after upgrade to 17.14.x

Last updated on December 31st, 2025

BugZero Risk Score6.1 Medium

Bug Details

General

Symptom

Conditions

Workaround

Further Problem Description

Top Cisco Defects

Ready to prevent the next vendor outage?

Links

BugZero Risk Score
6.1 Medium