Affected Products

• RSA Governance and Lifecycle version 8.0.0 P09 and version 8.0.0 P09 HF01

Unaffected Products

• RSA Governance and Lifecycle version 8.0.0 P08 and earlier
• RSA Governance and Lifecycle version 8.0.0 P10 and later

Summary

When creating or modifying a Role, there is a possibility of assigning values in an unexpected sequence, which could lead to an incorrect assignment or an exception concerning custom attributes.

Example:

• A value designated for Attribute1 can also be utilized for Attribute2, and vice versa, resulting in incorrect assignment.
• If Attribute1 is of String type while Attribute2 is of Number type, an error will be displayed on the user interface, and the modifications to the Role will not be saved.
  
  

Impact Conditions

There may be consequences if a customer is using version 8.0.0 P09, and/or version 8.0.0 P09 HF01, and if any of the following conditions is met under Admin > Attributes > Role.

• Multiple attribute separators for Roles, and the names of these separators are not arranged in ascending order.
• Attributes have been imported recently, and there is at least one attribute separator for the Role attributes.

Affected Roles

If Roles are created or Role Attributes are modified in relation to this issue, there is a possibility that the Role Attributes may be incorrectly assigned. The KB Article will assist in identifying all roles that have been created or edited following the implementation of version 8.0.0 P09, and 8.0.0 P09 HF01. It also includes instructions for the remediation that should be executed prior to correcting the values of the Role attributes.

Recommendation
RSA recommends that customers using the affected versions of RSA Governance & Lifecycle follow the guidelines provided in the KB Article to assess if they are impacted. If they are impacted, follow the remediation steps provided in the KB Article.