Symantec Privileged Access Management

​Hi

Facing an issue with Transparent login in PAM version 3.4:

1. User 1 access a service >>>> RDP to Jump Server >>> Jump server SSH to the end Linux server using PuTTY

2. User 1 post completion of work closes the window from the top right X , here the session from PAM to the Target device/server should also logout.

3. User 2 access the same server but the prompt shows the 2 session, User 2  can login into the previous session of the User 1.

This is a security breach, read this article which was a bit similar but not exact.

https://community.broadcom.com/communities/community-home/digestviewer/viewthread?MID=793689#bm305f625f-de86-4bd8-b35c-8572f17d6cbf

The same setup was running in previous version of 3.2.3

Any suggestion here.

This is subject of an active support case. Internal testing finds the same behavior for 3.2.3 and 3.4. Closing the RDP application windows, which closes the PAM RDP session, avoids the problem, but it is understood that it would be better if PAM always forced closing of the session and didn't leave it up to the Windows server to keep it active or not. This is still under investigation.
Original Message:
Sent: 06-16-2020 11:30 AM
From: Manish Arora
Subject: PAM 3.4 Transparent Login not working

​Hi

Facing an issue with Transparent login in PAM version 3.4:

1. User 1 access a service >>>> RDP to Jump Server >>> Jump server SSH to the end Linux server using PuTTY

2. User 1 post completion of work closes the window from the top right X , here the session from PAM to the Target device/server should also logout.

3. User 2 access the same server but the prompt shows the 2 session, User 2  can login into the previous session of the User 1.

This is a security breach, read this article which was a bit similar but not exact.

https://community.broadcom.com/communities/community-home/digestviewer/viewthread?MID=793689#bm305f625f-de86-4bd8-b35c-8572f17d6cbf

The same setup was running in previous version of 3.2.3

Any suggestion here.