IBM Support

PI06760: AppScan Enterprise scans suspend when using Action Based Login scan templates

 

APAR status

  • Closed as program error.

Error description

  • In IBM Security AppScan Enterprise 8.8, when a job is created
    based upon an existing IBM Security AppScan Standard template
    (which uses an Action Based Login sequence) the scan may suspend
    with a message about being unable to login to the application.
    
    This is due to Internet Explorer having been configured to use
    Enhanced IE on the agent machine for the Service Account.  To
    work around the issue there are two possible workarounds to
    this, which both must be applied on the the Agent machine:
    - Add the target site to the Trusted Sites list under Tools ?
    Internet Options ? Security ? Trusted Sites ? Sites
    or
    - Disable Enhanced IE through Control Panels ? Administrative
    Tools ? Server Manager ? Configure IE ESC
    in order for the Action Based Login to succeed.
    

Local fix

Problem summary

  • ****************************************************************
    * USERS AFFECTED:                                              *
    ****************************************************************
    * PROBLEM DESCRIPTION:                                         *
    ****************************************************************
    * RECOMMENDATION:                                              *
    ****************************************************************
    AppScan Enterprise scans suspend when using Action Based
    Login scan templates
    
    The suspension was caused by the browser (IE) set to
    Enhanced Security mode which prevented the required actions
    for scanning.
    A proper error message will be logged if scanning cannot
    complete because IE is set in Enhanced Security Mode on the
    scanner machines.
    The Install of scanner agent would also produce a warning if
    IE Enhanced Security Mode is detected during the install.
    

Problem conclusion

  • Fixed in 9.0 release of Appscan Enterprise
    

Temporary fix

Comments

APAR Information

  • APAR number

    PI06760

  • Reported component name

    SEC APPSCAN ENT

  • Reported component ID

    5724T5200

  • Reported release

    870

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2013-11-21

  • Closed date

    2014-03-30

  • Last modified date

    2014-03-30

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    SEC APPSCAN ENT

  • Fixed component ID

    5724T5200

Applicable component levels

  • R870 PSN

       UP

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSS9LM","label":"IBM Security AppScan Source for Automation"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"870","Line of Business":{"code":"LOB24","label":"Security Software"}}]

Document Information

Modified date:
11 December 2021