Skip to main content
Skip table of contents

ISN 2019-01: UMS Vulnerability

Overview

Announced 28 March 2019

Severity: High

A security issue affects Universal Management Suite (UMS) in the following versions:

* UMS 6.x

* UMS 5.x

Details

An implementation bug in endpoint authentication allows an endpoint to impersonate another endpoint when communicating with UMS.

IGEL would like to thank Timo Lindfors from Nixu Corporation who discovered and reported this.

Update Instructions

UMS 6.x: Update to UMS 6.01.110 or newer.

UMS 5.x: Update to UMS 5.09.130 or newer.

To update your UMS installation, please follow these instructions: Universal Management Suite > (12.04-en) Universal Management Suite > (12.04-en) Universal Management Suite (UMS) > (12.04-en) UMS Reference Manual > (12.04-en) UMS Installation and Update > (12.04-en) IGEL UMS Update.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.