search cancel

CA Data Protection - iConsole session cookies are not refreshed correctly.

book

Article ID: 8693

calendar_today

Updated On:

Products

CA Data Protection (DataMinder)

Issue/Introduction

CA Data Protection iConsole uses cookies to maintain the sessionID. Consecutive login and logoff from the same user reuses the sessionID and is not renewed. This is a potential security loophole.

Environment

CA Data Protection 15.2 iConsole

Cause

Programmatic issue.

Resolution

FIX:SO09504 (incorporating Web_15.2_HF0196) has been released to address this issue and will renew the session ID for each login attempt..


https://casupport.broadcom.com/download-center/solution-detail.html?aparNo=SO09504&os=WINDOWS

Additional Information

Note:

This fix supersedes FIX:RO99173 (incorporating Web_15.20_HF0125, Web_Native_x64_15.20_HF0126.msp).