PIM(SAM) r14.0: Force logout at inputting Justification in Privileged Account request

Article ID: 134719


Products

CA Virtual Privilege Manager, CA Privileged Identity Management Endpoint (PIM), CA Privileged Access Manager - Server Control (PAMSC)

Issue/Introduction

When a customer created Privileged Account Requests, the user was forcibly logged out and the request was not completed.

The problem occurred regardless of the browser and client machine.

The customer then found that the problem was caused by certain special characters in the Justification field.

Bad characters: "&<>

The problem occurred only on PIM r14.0. 

Environment

Release : 14.0

Component : CA ControlMinder - Privileged Passwords

Cause

It works as designed.

Starting with PIM r14.0, PIM has an XSS protection feature on all text input fields.

These characters ("&<>) are known to be used in scripting.

So, as part of the XSS protection feature, these characters cannot be used in any text input field.

Resolution

It works as designed.

Please do not use these characters, "&<>, in text fields such as the Justification or description field.

However, these characters can be used in the following fields after applying the testfix.

 

Panel (field name):

  Create Privileged Account (Description, Password and Confirm Password)

  Modify Privileged Account (Description)

  Manual Password Reset (New Password and Confirm Password)

  Modify Password Policy (Prohibited characters)
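The following pre-submission check is an added example, not Broadcom code: it flags the four characters named above in a field value and honors the panel/field exceptions listed for the testfix. The function names, the testfixApplied flag and the sample text are assumptions made for illustration.

```javascript
// Added example, not part of the product. All names here are hypothetical.
// Blocked set: the four characters this article names: " & < >
const BLOCKED = new Set(['"', '&', '<', '>']);

// Panel -> fields that the article lists as accepting these characters
// once the testfix has been applied.
const TESTFIX_EXEMPT = new Map([
  ['Create Privileged Account', ['Description', 'Password', 'Confirm Password']],
  ['Modify Privileged Account', ['Description']],
  ['Manual Password Reset', ['New Password', 'Confirm Password']],
  ['Modify Password Policy', ['Prohibited characters']],
]);

// Return each blocked character with its position, so a form or script can
// point the user at the exact spot before the request is submitted.
function findBlockedChars(value) {
  const hits = [];
  for (let i = 0; i < value.length; i++) {
    if (BLOCKED.has(value[i])) hits.push({ ch: value[i], index: i });
  }
  return hits;
}

// Decide whether a value can be submitted in the given panel and field.
// testfixApplied is the caller's statement that the testfix is installed.
function checkField(panel, field, value, testfixApplied = false) {
  const exemptFields = TESTFIX_EXEMPT.get(panel) || [];
  const exempt = testfixApplied && exemptFields.includes(field);
  const hits = exempt ? [] : findBlockedChars(value);
  return { ok: hits.length === 0, exempt, hits };
}

// Constructed sample: a Justification text that would be rejected.
const sample = 'Patch window <DB01> & "app02"';
const result = checkField('Privileged Account Request', 'Justification', sample, true);
console.log(result.ok, result.hits.map(h => `${h.ch}@${h.index}`).join(' '));
```

The Justification field is not in the exception list, so it is checked even when testfixApplied is true.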

Additional Information

Please contact Broadcom support for the testfix.