Last Modified: Jul 12, 2023
Known Affected Versions:
13.1.0, 220.127.116.11, 18.104.22.168, 22.214.171.124
Opened: Jan 16, 2018 Severity: 3-Major
If password value is empty, the following error message will be logged in /var/log/apm: err apmd: 014902f0:3: /Common/profile_name:Common:eb69a5gd: RADIUS Agent: Failed to read Password Source session variable:
User may not be authenticated.
This occurs only when following conditions are met: - RADIUS or SecurID auth agent is included in the access policy. - Empty password value is used for authentication.
- Add variable assignment agent before RADIUS/SecurID auth agent in the access policy. - Set 'session.logon.last.password' (or whatever password source is used for authentication) to a random value.
RADIUS/SecurID auth agent allows empty password value for authentication.