Last Modified: Jul 12, 2023
Affected Product(s):
BIG-IP APM
Known Affected Versions:
13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1
Fixed In:
14.0.0, 13.1.1.2
Opened: Jun 27, 2017 Severity: 3-Major
User is not able to reset the PIN when the password source field in RSA SecurID or RADIUS Auth agent is not set to default value(%{session.logon.last.password})
APM end users cannot reset the PIN or do not get authenticated.
- APM is licensed and provisioned. - RSA SecurID or RADIUS Auth agent is included in an access policy. - Password source field in this agent is changed to a custom value. - APM end user is challenged to reset the PIN or reenter the PIN/token.
There is no workaround other than not changing the default value in password source fields for RADIUS or RSA SecureID auth agent.
APM end users can now successfully reset the PIN or reenter the token. They can also use custom password session variables for authentication.