Last Modified: Apr 28, 2025
Affected Product(s):
APM-Clients APM
Known Affected Versions:
7.2.1, 7.2.1.1, 7.2.1.2, 7.2.1.3, 7.2.1.4, 7.2.1.5, 7.2.2, 7.2.2.1, 7.2.2.2, 7.2.3, 7.2.3.1, 7.2.4, 7.2.4.2, 7.2.4.3, 7.2.4.4, 7.2.4.5, 7.2.4.6, 7.2.4.7, 7.2.4.8, 7.2.5
Opened: Jan 18, 2021 Severity: 3-Major
Two sessions are created for a single user.
Wrong policy is executed; VPN establishment may fail.
Edge Client initiates connection to one APM which redirects it to a different APM (or virtual server).
In the redirect ending, redirect to: https://main-vs/my.policy. To do so, perform the following: 1. Open the Visual Policy Editor for the Access Policy. 2. Select Edit Endings. 3. Select Redirect for the affected ending. 4. Enter the text: https://main-vs/my.policy 5. Select Save and Apply Access Policy. This causes Edge Client to connect to my.policy, and clear session deletion happens, with Edge Client attempting a completely new session by submitting client_data as well.
None