Are Access Manager Agents susceptible to Session Fixation attacks?
Originally Published: 2009-05-26
Article Number
Applies To
RSA Access Manager 4.8 Agent for Apache 2.2
IBM Rational Appscan
Issue
IBM Rational Appscan report for the Access Manger Login pages were identified as potentially vulnerable for the reason ?Session Identifier Not Updated?.
Cause
Resolution
For more information on Session Fixation Attacks see http://capec.mitre.org/data/definitions/60.html
Related Articles
RSA Access Manger is unable to open new sockets Number of Views SOFTWARE_TOKEN_NOT_AVAILABLE_IN_SYSTEM_WITH_EXP_CRITERIA error although tokens exist in RSA Authentication Manager 8.x Number of Views Want to pass a configuration file to the FIM 3.0 / 3.1 Bulk Federation Utility Number of Views Test Access to Cloud Access Service Number of Views RSA ID Plus BlastRADIUS Vulnerability Fix: Frequently Asked Questions Number of Views
Trending Articles
How to Download OTP Token Seed Files from myRSA RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA Authentication Manager 8.7 SP2 Setup and Configuration Guide RSA Authentication Manager 8.9 Release Notes (January 2026) RSA Release Notes for RSA Authentication Manager 8.8
Don't see what you're looking for?
