APAR status
Closed as program error.
Error description
When the administrator sets an user password for first time or resets it and the user is required to mandatory change the password initially entered by the administrator , it is possible to bypass the mandatory password change and access the internal authenticated pages.
Local fix
No work-around available
Problem summary
It is possible to bypass the change password phase when configured for an SSP admin user.
Problem conclusion
Added logic to fix the issue raised above by making sure that when a CM user has the "Must change password" flag set, that it could not be bypassed.
Temporary fix
Sent Customer SSP3420 Build 320.
Comments
APAR Information
APAR number
IT17358
Reported component name
STR SECURE PROX
Reported component ID
5725D0300
Reported release
342
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2016-10-05
Closed date
2016-11-10
Last modified date
2016-11-10
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
STR SECURE PROX
Fixed component ID
5725D0300
Applicable component levels
[{"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SS6PNW","label":"Sterling Secure Proxy"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"342","Line of Business":{"code":"LOB77","label":"Automation Platform"}}]
Document Information
Modified date:
22 May 2025