All installations of IdM and RCS are vulnerable to this issue, including all versions prior to 4.0.1.10, 4.0.1.9, and 4.0.1.8. This issue has been fixed in these versions. For all other versions of Identity Management and Remote Connector Server, it is recommended that you upgrade as soon as possible. End users running any version of Identity Management or RCS are recommended to update their installations as soon as possible. If your organization has made an effort to upgrade to one of the fixed versions, we recommend keeping the LDAP connector disabled until you are sure that all users have been migrated. To disable the LDAP connector, set the connector's EnableUnauthenticatedAccess parameter to false.
How to check whether my installation is vulnerable to CVE-2022-0143
In order for your installation to be vulnerable, it must have the following settings:
- LDAP authentication enabled
- An LDAP server configured
- Authenticated users running as non-administrators
Microsoft Windows
- Remote Code Execution Vulnerability
Microsoft Security Updates
MS10-058 - A security update to resolve an issue where the application fails to stop properly and reboot if it is still running when the server terminates. This issue has been resolved in this security update.
MS10-063 - This update fixes a security vulnerability in the Digital Signature Trust Services Time Stamping Authority. This update resolves issues in how the time stamping authority verifies certificate signatures and removes vulnerable versions of Windows XP and Windows Server 2003. The update also resolves issues with how date stamps are computed for certain types of certificates, including self-signed certificates that do not contain a trust bit or do not use a trusted root certificate authority. The update does not include any new functionality.
MS10-074 - This feature improvements improves reliability of Windows Backup by adding software error detection and correction capabilities to improve backup operations on computers that have complex software configurations. As part of this improvement, changed include support for Windows 8 Client operating system, adding file attributes as properties, improved timestamping for files backed up to disk drives by excluding some parts of files from being restored, log file verification during backup operations, and better support for data deduplication while performing backups.
How to update Identity Management and Remote Connector Server
The easiest way to update is to use the Identity Management and Remote Connector Server Upgrade Wizard. This wizard will check your installation for vulnerabilities and pre-upgrade any necessary packages.
If you are unable to access the upgrade wizard, or if you are not able to install all of the needed packages manually, you can download the RPMs from our website:
Identity Management 4.0.1.10: https://www.ibm.com/support/docview.wss?uid=swg27007271
Remote Connector Server 4.0.1.10: https://www.ibm.com/support/docview.wss?uid=swg27033946
For other versions of Identity Management and Remote Connector Server, it is recommended that you upgrade as soon as possible by following these instructions:
What is the LDAP vulnerability?
The LDAP vulnerability is a security issue that could allow remote attackers to escalate their privileges by modifying the LDAP configuration file.
Timeline
Published on: 09/19/2022 22:15:00 UTC
Last modified on: 09/21/2022 18:27:00 UTC