Sun Java System Access Manager Session information is not cleared, leading to a Denial of Service

(Doc ID 1189753.1)

Last updated on MAY 07, 2018

Applies to:

Oracle OpenSSO - Version: 7.0 and later   [Release: 7.0 and later ]
Information in this document applies to any platform.
Sun Java System access manager 7.0 patch 5 and earlier


Timed out sessions are not cleared from the access manager's session map, leading to a failure of the access manager to process new requests. Version 7.0 of Sun Access Manager, if not upgraded to patch revision 6 or later, is susceptible to this bug.


Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms