Attempts to scrub/hash JSON data elements are not always working in RSA Web Threat Detection
RSA Product Set: Web Threat Detection RSA Product/Service Type: Mitigator RSA Version/Condition: 5.1.2 O/S Version: Red Hat Enterprise Linux 6.x
Attempts to hash/scrub JSON sensitive data elements are working sometimes but in other cases are NOT working as expected. This is causing sensitive customer data to be exposed to users accessing the FUI (Forensic User Interface).
JSON Selector scrubbing is working except for approximately 2-4% of the data in RSA Web Threat Detection version 5.1.2. The issue is random, as is how it is determined which field gets hashed or not when scrubbing fails is random as well. (e.g. Card Number, CVV, Expiration Date, Date Of Birth, etc.)
This issue has been resolved in RSA Web Threat Detection 6.1.