As the session id cookie is identical between tools, the first one to save a session prevents others from doing so because of permissions. If the permissions allowed it, it would - at best - cause sessions overwriting each other and at worst leak information and possibly authentication tokens between tools.
Fixing this requires either
(a) per-tool session.cookie_path so that every tool maintains distinct sessions or
(b) per-tool session.save_path so that every tool maintains separate session /data/
Version: unspecified
Severity: major