PM77257: AppScan Enterprise 8.6.0.1 scan may taking very long time to complete

Subscribe

You can track all active APARs for this component.

APAR status

  • Closed as program error.

Error description

  • Scans using ASE 8.6.0.1 against a web application may take a
    very long time to complete.
    
    The issue raised in this APAR is one of many possible reasons
    for a scan to take a long time to complete.  It is more common
    for long scan times to result from scan job configuration
    issues.
    
    Inspecting the logs a JSA issue with the StaticSecAnalyzer can
    be seen. In this specific issue the problem is reported against
    a PDF document that is processed but should not be. The PDF is
    returned from a form execution search request.
    
    To workaround the issue:
    1. Disable 'ParsePDF' in engine options.
    2. Disable JSA.
    3. Exclude the ?offending page? from scan
    4. Inspect the Explore Data and adjust the Redundancy Tuning to
    reduce the amount of requests to ?the offending page?
    

Local fix

Problem summary

  • ****************************************************************
    * USERS AFFECTED:                                              *
    ****************************************************************
    * PROBLEM DESCRIPTION:                                         *
    ****************************************************************
    * RECOMMENDATION:                                              *
    ****************************************************************
    Scans using ASE 8.6.0.1 against a web application may take a
    very long time to complete.
    

Problem conclusion

  • Fixed in AppScan Enterprise 8.7 release
    

Temporary fix

Comments

APAR Information

  • APAR number

    PM77257

  • Reported component name

    SEC APPSCAN ENT

  • Reported component ID

    5724T5200

  • Reported release

    860

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2012-11-16

  • Closed date

    2013-03-27

  • Last modified date

    2013-03-27

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    SEC APPSCAN ENT

  • Fixed component ID

    5724T5200

Applicable component levels

  • R860 PSN

       UP



Rate this page:

(0 users)Average rating

Add comments

Document information


More support for:

IBM Security AppScan Enterprise

Software version:

8.6

Reference #:

PM77257

Modified date:

2013-03-27

Translate my page

Machine Translation

Content navigation