IBM Support

PI06760: AppScan Enterprise scans suspend when using Action Based Login scan templates

 

APAR status

  • Closed as program error.

Error description

  • In IBM Security AppScan Enterprise 8.8, when a job is created
based upon an existing IBM Security AppScan Standard template
(which uses an Action Based Login sequence) the scan may suspend
with a message about being unable to login to the application.

This is due to Internet Explorer having been configured to use
Enhanced IE on the agent machine for the Service Account.  To
work around the issue there are two possible workarounds to
this, which both must be applied on the the Agent machine:
- Add the target site to the Trusted Sites list under Tools ?
Internet Options ? Security ? Trusted Sites ? Sites
or
- Disable Enhanced IE through Control Panels ? Administrative
Tools ? Server Manager ? Configure IE ESC
in order for the Action Based Login to succeed.

Local fix

  • 



Problem summary


    

  • ****************************************************************
* USERS AFFECTED:                                              *
****************************************************************
* PROBLEM DESCRIPTION:                                         *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
AppScan Enterprise scans suspend when using Action Based
Login scan templates

The suspension was caused by the browser (IE) set to
Enhanced Security mode which prevented the required actions
for scanning.
A proper error message will be logged if scanning cannot
complete because IE is set in Enhanced Security Mode on the
scanner machines.
The Install of scanner agent would also produce a warning if
IE Enhanced Security Mode is detected during the install.

    



Problem conclusion


    

  • Fixed in 9.0 release of Appscan Enterprise

    



Temporary fix


    

  • 



Comments


    

  • 



APAR Information




    

  • APAR number
    PI06760
    • 

  • Reported component name
    SEC APPSCAN ENT
    • 

  • Reported component ID
    5724T5200
    • 

  • Reported release
    870
    • 

  • Status
    CLOSED  PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt
    • 

  • Submitted date
    2013-11-21
    • 

  • Closed date
    2014-03-30
    • 

  • Last modified date
    2014-03-30
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 



Fix information


    

  • Fixed component name
    SEC APPSCAN ENT
    • 

  • Fixed component ID
    5724T5200
    • 



Applicable component levels


    

  • R870  PSN
       UP
    • 








      
              
                            

              

              [{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSS9LM","label":"IBM Security AppScan Source for Automation"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"870","Line of Business":{"code":"LOB24","label":"Security Software"}}]
              

                                                                    

          
 
        

      

    

      

        

          

            
Document Information


            

            


                        

            Modified date:
            

            11 December 2021
            

            
                      

        


        

        


      

    

  



    

  

  
    
            

          
Page Feedback