000019566 - Microsoft Outlook Web Access allows a different login ID after SecurID authentication

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000019566
Applies ToMicrosoft Outlook Web Access (OWA)
Microsoft Internet Information Server (IIS)
RSA ACE/Server
RSA ACE/Agent for Windows
RSA ACE/Agent for Web
IssueMicrosoft Outlook Web Access allows a different login ID after SecurID authentication
After authenticating via the ACE/Agent, Outlook Web Access asks for a separate user name and password. You are able to submit a different user name & password combination and gain access to another user's mailbox.
ResolutionRSA Security has created a hot fix for this issue in both ACE/Agent 4.4.3 and ACE/Agent 5.0. Please contact RSA Technical Support and request the hot fix tst00026841.
Legacy Article IDa10446

Attachments

    Outcomes