Bug ID 452753: Edge client on windows will logon user automatically during next attempt in some cases

Last Modified: Jul 12, 2023

Affected Product(s):
BIG-IP APM(all modules)

Known Affected Versions:
11.4.1

Fixed In:
11.6.0, 11.4.1 HF6

Opened: Mar 18, 2014

Severity: 3-Major

Related Article: K76844230

Symptoms

In some advanced authentication scenarios, users are not asked for credentials on trying to connect again even if they explicitly disconnected the VPN previously.

Impact

Might have security implications if user's desktop is accessed by an attacker.

Conditions

Access policy authenticates the user using an external identity provider (IdP). User disconnects VPN after successful authentication

Workaround

Quit Edge client after disconnecting.

Fix Information

Now Edge Client cleans up cookies for all intermediate hosts visited during connect.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips