ISN 2019-01: UMS Vulnerability
Overview
Announced 28 March 2019
Severity: High
A security issue affects Universal Management Suite (UMS) in the following versions:
* UMS 6.x
* UMS 5.x
Details
An implementation bug in endpoint authentication allows an endpoint to impersonate another endpoint when communicating with UMS.
IGEL would like to thank Timo Lindfors from Nixu Corporation who discovered and reported this.
Update Instructions
UMS 6.x: Update to UMS 6.01.110 or newer.
UMS 5.x: Update to UMS 5.09.130 or newer.
To update your UMS installation, please follow these instructions: Universal Management Suite > (12.04-en) Universal Management Suite > (12.04-en) Universal Management Suite (UMS) > (12.04-en) UMS Reference Manual > (12.04-en) UMS Installation and Update > (12.04-en) IGEL UMS Update.