A problem was discovered that prevents users from authenticating to deployments running RSA Authentication Manager 8.4 Patch 8 from the following agents if they are configured to use the special, non-default TCP mode:

• RSA Authentication API for C version 8.5.x or 8.6.x
• RSA Authentication Agent for Web for IIS version 8.x
• RSA Authentication Agent for Web for Apache Web Server version 8.x

If you are using one of these agents in TCP mode, do not install Patch 8. If you have already installed the patch and see authentications failing at the agent, contact RSA Customer Support for information on correcting the problem.

Only these agents are impacted and only when configured to use TCP mode authentication. These agents (and all other RSA SecurID agents) are NOT impacted when using the normal UDP or REST mode authentication. Agents based on the RSA Authentication API for Java version 8.5.x or 8.6.x are NOT impacted, even if they are configured to use the TCP mode.

The RSA SecurID Access Cloud Authentication service and identity router are not impacted.