
'admin' local account automatically assigned to Admin role upon application restart

Zain
New Contributor

We are noticing that the Saviynt admin role is added to the local 'admin' account upon application restart, regardless of its being removed from the UI. There is no audit log for this activity in the system, and it opens an attack vector, as someone can bypass SSO and log in to the system using this local admin account. We would appreciate hearing whether anyone else has noticed the same. As a precaution, we changed the password for this account.


Manikanta_S
Saviynt Employee

Hello Zain,

This may be due to the parameter (#arscloud.defaultuserrole=ROLE_ADMIN) in externalconfig.properties.

Please navigate to Admin -> Settings -> Configuration Files, where you can edit externalconfig.properties, and try to assign a basic role to this parameter (#arscloud.defaultuserrole).

This change requires a restart to take effect. Please let me know if this helps!

Kind Regards,

Manikanta.S
