CA PIM: password mask of seos.audit
Article ID: 112260
Updated On:
Products
CA Virtual Privilege Manager
CA Privileged Identity Management Endpoint (PIM)
CA Privileged Access Manager (PAM)
Issue/Introduction
When we see PIM trace events with seaudit -tr command, we will see the password which is not encrypted.
[Reproduced steps]
1:
#selang
AC>cu root audit(trace)
2:
Please login to the PIM box with root user on another session(SSH).
3:
#selang -c 'eu testu1 password(admin01)'
#seaudi -a -tr
You will see the following event like this.
P TRACE root XXXXXXXX root root ARGS /opt/CA/AccessControl/bin/selang 994
EXECARGS: 'selang -c eu testu1 password(admin01)'
[Reproduced steps]
1:
#selang
AC>cu root audit(trace)
2:
Please login to the PIM box with root user on another session(SSH).
3:
#selang -c 'eu testu1 password(admin01)'
#seaudi -a -tr
You will see the following event like this.
P TRACE root XXXXXXXX root root ARGS /opt/CA/AccessControl/bin/selang 994
EXECARGS: 'selang -c eu testu1 password(admin01)'
Environment
AIX/Linux
CA PIM12.8SP1
CA PIM12.8SP1
Cause
There is no code which is masked for trace events.
Resolution
AIX : T5C1148
Linux 64bit : T5C1149
If the testfix is applied, it will be showed as follows.
P TRACE root XXXXXXXX root root ARGS /opt/CA/AccessControl/bin/selang 994
EXECARGS: 'selang -c eu testu1 password(xxxxxxx)'
If the testfix is needed, please contact support team.
Support Portal
Linux 64bit : T5C1149
If the testfix is applied, it will be showed as follows.
P TRACE root XXXXXXXX root root ARGS /opt/CA/AccessControl/bin/selang 994
EXECARGS: 'selang -c eu testu1 password(xxxxxxx)'
If the testfix is needed, please contact support team.
Support Portal
Feedback
Yes
No
Powered by
