ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

CA PIM: password mask of seos.audit

book

Article ID: 112260

calendar_today

Updated On:

Products

CA Virtual Privilege Manager CA Privileged Identity Management Endpoint (PIM) CA Privileged Access Manager (PAM)

Issue/Introduction

When we see PIM trace events with seaudit -tr command, we will see the password which is not encrypted.

[Reproduced steps]
1:
#selang
AC>cu root audit(trace)
2:
Please login to the PIM box with root user on another session(SSH).
3:
#selang -c 'eu testu1 password(admin01)'
#seaudi -a -tr
You will see the following event like this.
P TRACE root XXXXXXXX root root ARGS /opt/CA/AccessControl/bin/selang 994
EXECARGS: 'selang -c eu testu1 password(admin01)'

 

Cause

There is no code which is masked for trace events.

Environment

AIX/Linux
CA PIM12.8SP1

Resolution

AIX : T5C1148
Linux 64bit : T5C1149

If the testfix is applied, it will be showed as follows.
P TRACE root XXXXXXXX root root ARGS /opt/CA/AccessControl/bin/selang 994
EXECARGS: 'selang -c eu testu1 password(xxxxxxx)'

If the testfix is needed, please contact support team.
Support Portal