RSA Access Manager contains a security fix for sensitive information disclosure vulnerability where user passwords are potentially logged in plaintext within the log files of the runtime WS component. By default, the logging level is now set to ERROR, which is not affected by this vulnerability. This vulnerability only applies when the logging level is changed to INFO.
f2a7153a1c94a23e52c5a56371f0d3425921f5f0969eb2d87c60695686969f9f