000035691 - Out of Office Delegation allows Self Approval of Access Requests in RSA Identity Governance & Lifecycle

Document created by RSA Customer Support Employee on Nov 1, 2017Last modified by RSA Customer Support Employee on Jun 1, 2020
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000035691
Applies ToRSA Product Set: RSA Identity Governance & Lifecycle 
RSA Version/Condition: 7.0.2
IssueWhen a supervisor sets themselves as Out of Office and designates their employee as a Delegate (Users > Users > {name of supervisor} > Set Out of Office button > Select Delegate), the employee is able to approve access requests for themselves.

The expected behavior is for the employee to approve access requests for the supervisor's other employees but should not be able to approve their own access requests.
CauseThis is a known issue reported in engineering ticket ACM-78740.
ResolutionThis issue is resolved in the following RSA Identity Governance & Lifecycle versions and patch levels:
  • RSA Identity Governance & Lifecycle 7.0.2 P04
  • RSA Identity Governance & Lifecycle 7.1.0
WorkaroundCurrently there is no known workaround for this issue.