Symptom:
User policy is configured to obscure passwords submitted to a Web page. But CA DataMinder inadvertently exposes these passwords in the Form Data tab of the Data Management console. In particular, this affects the Hotmail web site.
Reason:
This problem only occurs if a Web page has been designed so that passwords are submitted as hidden data. Normally, when CA DataMinder monitors data submitted to a Web page, it looks in the page’s HTML source code for <INPUT type=password> input fields. It then infers that any value entered in this field is a password and must be obscured. But some Web pages submit passwords using other field types, such as <INPUT type=hidden>. CA DataMinder is unable to recognize these passwords and assumes that any information submitted using these input fields is not sensitive and does not need to be obscured.
Solution:
If this problem affects captured data on your CMS, the only solution is to turn off capturing of submitted form data in the user policy.
|
Copyright © 2014 CA.
All rights reserved.
|
|