Some sessions are getting mixed while using NTLM/Kerberos authentication.
The IISCacheDisable ACO has been set, but it isn't effective (1).
The workaround is to use the Default application pool in classic mode instead of integrated.
To solve this issue: