Sun Java System Access Manager Session information is not cleared, leading to a Denial of Service (Doc ID 1189753.1)

Last updated on SEPTEMBER 21, 2016

Applies to:

Oracle OpenSSO - Version: 7.0 and later   [Release: 7.0 and later ]
Information in this document applies to any platform.
Sun Java System access manager 7.0 patch 5 and earlier

Symptoms

Timed out sessions are not cleared from the access manager's session map, leading to a failure of the access manager to process new requests. Version 7.0 of Sun Access Manager, if not upgraded to patch revision 6 or later, is susceptible to this bug.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms